Multi-factor authentication( MFA) enabled based on groups?

ShavageS
Tera Contributor

‎01-08-2025 09:54 PM

Hi All, 

Good Day!

 

Can some one suggest how we can Enable multi-factor (MFA) authentication based on groups?

0 Helpfuls
  • 1,395 Views
13 REPLIES 13

Randheer Singh
ServiceNow Employee
ServiceNow Employee

‎01-09-2025 03:14 AM

Hi @ShavageS ,

You can use the MFA context Policy to enforce MFA based on groups.

 

Steps :

1. Create Group Filter Criteria

2. Create a new Adaptive Authentication Policy

3. Associate group filter criteria with the new Adaptive Authentication Policy. You can also add additional filters, such as authentication schemes and IP filter criteria.

4. Add Policy conditions

5. Associate policy with MFA context policy. and choose the default policy (for example: step-up)

 

This community article can be consulted for reference. The steps would be similar. Instead of IP criteria, you can use group filter criteria.

https://www.servicenow.com/docs/bundle/xanadu-platform-security/page/integrate/authentication/task/c...
https://www.servicenow.com/docs/bundle/xanadu-platform-security/page/integrate/authentication/concep...

Thanks,

Randheer

 

0 Helpfuls

Siddharam
Tera Contributor
In response to Randheer Singh

‎01-10-2025 01:06 AM - edited ‎01-12-2025 09:04 PM

Thank you for your input

0 Helpfuls

ShavageS
Tera Contributor
In response to Randheer Singh

‎01-10-2025 01:19 AM

Hi @Randheer Singh ,

Thanks for your input. We tried for Domain separated Environment but its not working. Do we need to do any extra configuration setting to achieve this for domain Separation environment. 

0 Helpfuls

PrernaSingh
Tera Contributor

‎04-07-2025 05:37 AM

Hi,

 

I want to enable multi-factor authentication for all admin users except two of them. Please let me know if it is possible or not.

0 Helpfuls