PDI - How to Reset User Multi-factor Authentication (MFA)

Mittal_M
Giga Guru

How do I reset the multi-factor authentication for the system admin account of my PDI instance? I accidentally deleted my instance account in the authenticator app for my "admin" account. I don't have any other account to log in to my PDI, hence I can't log in and access my PDI at all.

I have reached out to developer email but so far haven't got any response.

Appreciate any help on this.

@John_Yates 

Thanks

1 ACCEPTED SOLUTION

cncsyshu
Tera Expert

You can use Postman to send an API request to update the user's MFA field.

Method: PATCH

URL: https://<yourinstance>.service-now.com/api/now/table/sys_user/6816f79cc0a8016401c5a33be04be441

Authorization: Basic Auth

Username/Password: Your admin account

 

Body:

{"enable_multifactor_authn":"false"}

 

After you update the field to false, you can log in without an MFA code.


Hi @Simon Hendery @Deepak Shaerma ,

 

I would like to access this page and set up the MFA again for the admin account, as I accidentally deleted the account in the authenticator app (screenshot 1), hence I can't enter the 6-digit code to log in and verify during the login (screenshot 2).

Screenshot 1: MFA Setup


 

Screenshot 2: Login page authenticator code.


 

@John_Yates, wanted to check with you based on your last comment in this post https://www.servicenow.com/community/platform-privacy-security/reset-user-multi-factor-authenticatio..., are you able to get the right resource/information?

 

Thanks

cncsyshu
Tera Expert

You can use Postman to send an API request to update the user's MFA field.

Method: PATCH

URL: https://<yourinstance>.service-now.com/api/now/table/sys_user/6816f79cc0a8016401c5a33be04be441

Authorization: Basic Auth

Username/Password: Your admin account

 

Body:

{"enable_multifactor_authn":"false"}

 

After you update the field to false, you can log in without an MFA code.

This option will not work for the latest Yokohama instance because, in the Yokohama release of ServiceNow and later, Multi-Factor Authentication (MFA) is enforced by default for all internal users who log in without Single Sign-On (SSO). Disabling MFA globally, especially via the Table API, is intentionally blocked by ServiceNow through Business Rules like RestrictDisablingMFAProp. You can disable this business rule using the Table API, but in the Yokohama release of ServiceNow, the second Business Rule, named Discourage turning off MFA, is part of a platform-enforced security mechanism that cannot be disabled through standard means like:

  • Table API
  • Background scripts
  • UI actions

This rule is designed to prevent administrators from disabling MFA globally, especially via automation, to ensure compliance with ServiceNow’s enhanced security posture.