Hi @Randheer Singh , Can you help with excluding users with a specific role? I want to enforce MFA for all local accounts with the Admin role, but I need to exclude certain accounts. To achieve this, I created a dedicated role (mfa_exclude_role) and assigned it to the users I want to exclude. How can I configure it so that users with the mfa_exclude_role are exempt from MFA, even if they have the Admin role??

Hi @Ujjwal019 ,

Step 1: Create two new filter criteria.

1. Has admin role
2. Has mfa_exclude_role

Step 2: You can create a new authentication policy. name: MFA policy for admins

Step 3: associate the filter criteria to this new policy. You can also add the authentication scheme filter also

Step 4: add a condition

step 5: associate this policy with MFA context

step 6: set the enable adaptive authentication property (glide.authenticate.auth.policy.enabled) as true. Also make sure system property “glide.authenticate.multifactor" is true.

With these steps you should be able to enforce MFA for user with admin role doing username and password based login, while excluding certain users with a specific role.

Thanks,

Randheer

Hi @Mark Manders ,

Thank you for your input. Could you please share the documentation from ServiceNow regarding the mandatory MFA requirement in the next release of ServiceNow .

Hi @Mark Manders ,

Thank you for your input. Could you please share the documentation from ServiceNow regarding the mandatory MFA requirement in the next release of ServiceNow.