How to enforce MFA to the users who does not have any roles - Yokohama version.

hmala
Tera Contributor

‎04-28-2025 05:05 AM

Do we have any direct approach by ServiceNow? to enforce MFA to the users who does not have any roles - Yokohama version.

I have used a dummy role to achieve this as workaround.

However, I am curious to know if there is a certain process by ServiceNow.

 

 

Thanks,

Hari

0 Helpfuls
  • 591 Views
7 REPLIES 7

Ankur Bawiskar
Tera Patron
Tera Patron
In response to hmala

‎04-28-2025 06:31 AM

@hmala 

I don't think it's available for users without role.

any user in instance will have either snc_internal or snc_external role and MFA

MFA is enforced for snc_internal users and not on snc_external user although it can be enabled for them

Multi-Factor Authentication (MFA) Enforcement FAQ 

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Randheer Singh
ServiceNow Employee
ServiceNow Employee

‎04-28-2025 06:57 PM

Hi @hmala,

If you want to enforce MFA for all users irrespective of their role, you can just use the authentication scheme filter criteria. In the policy condition, you can use an authentication scheme is "username and password".

 

Thanks,

Randheer

0 Helpfuls

Ambuj Tripathi
ServiceNow Employee
ServiceNow Employee

‎07-07-2025 02:40 AM

Hi  @hmala 

 

Yes, this is possible via the group filters. What additional step you need to do is to add the users (or automate it?) to a group and always enforce MFA for the logging in users if they belong to this group.

 

Also, along with this, you can club other filter conditions, like logging mechanism, roles, IPs etc.

But yeah..this is one possible way hack way.

 

Thanks!

-Ambuj 

 

 

0 Helpfuls