Hi,
With migrate to Yokohama, users without SSO must enable the MFA.
For some users we want to use the Email Authentication only.
When logging in, the user got the message :
And on the profile page, when clicking on Configure Multi-factor Authentication, Email MFA is not available.
Can you tell us how the user can select Email MFA ?
On MFA Context, the MFA Factor Policies are configured :
Regards,
karine
Hi @Karine_M
There are some additional user level checks which are also required.
1: User's email field should not be empty.
2: User level notifications should be enabled for the testing user. ( sys_user.notification = 2)
3: Please check if the email MFA property and adaptive auth property is enabled in the instance (Email MFA - glide.authenticate.multifactor.email.otp.enabled, Adaptive Auth - glide.authenticate.auth.policy.enabled).
4: The Email MFA Factor policy is enabled - https://instance.service-now.com/sys_authentication_policy.do?sys_id=5263ab587761111029fc1646ba5a99a...
Now, if all of the above configurations are correct, then it means the factor policy is evaluating to false for this specific user in the instance.
To verify this, you can enable the adaptive auth debug property in the instance and search with either the Email Factor policy name or policy sys_id. If the policy evaluation result is coming as true, then it wont even show the MFA setup page and it will redirect user to validation page - validate_multifactor_auth_code.do
For the reference, I am putting MFA Factor policy doc link here - https://www.servicenow.com/docs/bundle/yokohama-platform-security/page/integrate/authentication/task...
Can you please check above and let me know if the issue still persists. This should fix the issue and take the user to validation page directly. Please try it out and let us know.
Thanks!
-Ambuj
