How to show only Email MFA Option to Users In Yokohama

pujaray7196
Kilo Contributor

We're going to be upgrading to Yokohama next month and I am starting to prep for mandatory MFA with this release. At my organization, we serve two distinct user bases, internal customers that sign in with SSO and outside customers who use

2 REPLIES 2

kaushal_snow
Mega Sage

Hi @pujaray7196 ,

 

1. Configure an MFA Factor Policy for Email OTP..

 

Navigate to Multi Factor Authentication > MFA Context, then go to the Factor Policies tab. Create a policy that targets your external users (for example, users without the snc_external role or those whose email address ends with your client domain).. When this policy evaluates to true for a user, they will be taken directly to the Email OTP validation screen, bypassing all other MFA options.


2. Optionally Disable the Multi-Option Setup Interface

 

Set the system property glide.auth.mfa.ui.v2.enabled = false. This hides the default multi factor selection screen, so users affected by the policy will see only the Email option if eligible.


3. Ensure Email MFA Actually Triggers

 

Verify the following essential configurations to make Email OTP work properly..

 

 

The user's email field is populated.

User notifications are enabled

 

 

Both these system properties are turned on:

 

glide.authenticate.multifactor.email.otp.enabled

glide.authenticate.auth.policy.enabled

 

 

The Email MFA Factor policy is enabled and active....

 

If you found my response helpful, please mark it as ‘Accept as Solution’ and ‘Helpful’. This helps other community members find the right answer more easily and supports the community.

 

 

Thanks and Regards,
Kaushal Kumar Jha - ServiceNow Consultant - Lets connect on Linkedin: https://www.linkedin.com/in/kaushalkrjha/