mfa is enabled for all users authentication policy not working

Debasis Pati · 3 weeks ago

Hello All,

In my instance mfs is enfocred for local logins and i have a requirement below.
A break glass user should be only allowed to instance if tried to access the instance within iprange outside ip range it should not allow.

Now i ahve created a policy to do so and also added the authentication scheme,Part of break glass group & ip ranges -also in ip ranges i have added my start and end ip range.
Now i created one user added to the groupand tried to do local login to the instance outside ip range but it allowed the user to login.
Not sure why.

@Ankur Bawiskar any idea?

GlideFather · 3 weeks ago

Hi @Debasis Pati,

how exactly have you enforced the IP range?

Was it via this module

or any other?

Please share some more details

_____
100 % GlideFather experience and 0 % generative AI

Debasis Pati · 3 weeks ago

No My requirement is not for all users it is only for local login users that too for a break glass user account group users.

This is configured via the adaptive authentication>>>policies.

Ankur Bawiskar · 3 weeks ago

@Debasis Pati

please share what setup you did for this along with screenshots

Regards,
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader

Ankur Bawiskar · 3 weeks ago

@Debasis Pati

check this

Bypass Multi-factor Authentication (MFA) based on IP Addresses

💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader