Built something you're proud of? Tell the story. A quick G2 review of App Engine or Build Agent helps other developers see what's possible on ServiceNow. Share your experience.

mfa is enabled for all users authentication policy not working

Debasis Pati
Kilo Sage

‎02-17-2026 10:42 PM - edited ‎02-17-2026 11:06 PM

Hello All,

In my instance mfs is enfocred for local logins and i have a requirement below.
A break glass user should be only allowed to instance if tried to access the instance within iprange outside ip range it should not allow.

Now i ahve created a policy to do so and also added the authentication scheme,Part of break glass group & ip ranges -also in ip ranges i have added my start and end ip range.
Now i created one user added to the groupand tried to do local login to the instance outside ip range but it allowed the user to login.
Not sure why.

@Ankur Bawiskar any idea?

 

0 Helpfuls
  • 534 Views
6 REPLIES 6

Tanushree Maiti
Kilo Patron

‎02-18-2026 02:24 AM

Hi  @Debasis Pati 

 

Make sure under the IP address Access Control (Navigate to System Security > IP Address Access Control)

Along with Allow rule, you have defined Deny rule properly.

 

Share your policy screen shot- it will be helpful to debug your issue in more efficient way.

Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect
Linkedin:
0 Helpfuls

Debasis Pati
Kilo Sage
In response to Tanushree Maiti

‎02-18-2026 03:09 AM

i do not have System Security > IP Address Access Control) but i have it in adaptive authentication >>> Ip address filter criteria

and i have created a policy 

DebasisPati_0-1771412915001.png

 

DebasisPati_1-1771412948016.png

 

 

0 Helpfuls