How to disable Yokohama MFA enforcement if you have SSO enabled already

CarolMa6
Tera Expert

‎03-25-2025 01:09 AM

Hi, 

 

I need your help here. 

 

Company ABC already has MFA and SSO enabled, and documentation says 

"Beginning in Yokohama, ServiceNow is going to begin enforcing MFA by default for any internal local logins, meaning any login that is not through a Single Sign-On (SSO) provider or from a Service Account." We upgraded to Yokohama patch 1 and this is enabled by default how can we disable this functionality since it says MFA should not be enforced if you use SSO?
 
Regards 
CarolMa
0 Helpfuls
  • 6,193 Views
13 REPLIES 13

jeffreybell
Tera Expert
In response to Dr Atul G- LNG

a week ago

Yes, and one interesting unintended consequence is if you have RPA bots, you will need to make sure you have a solution in place to tackle that challenge.

 

0 Helpfuls

Randheer Singh
ServiceNow Employee
In response to CarolMa6

‎03-25-2025 06:01 AM

Hi, @CarolMa6, 
This is not correct. Users with SSO login will not be forced with MFA.
Please read about the enforcement in detail in this KB

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1709783
Thanks,

Randheer

Randheer Singh
ServiceNow Employee

‎03-25-2025 05:59 AM

Hi @CarolMa6 ,
To clarify the details, the MFA enforcement is applicable to only logins that are not happening through SSO. SSO logins will work without any change. With this mandate, users who do not have snc_external roles and use ServiceNow local username and password-based logins will be asked to set up MFA. 

This ensures that all logins are protected. You do not need to disable the MFA policy.
Please read question 1d for more details from the MFA enforcement FAQ KB.

Thanks,

Randheer

0 Helpfuls

Lakshikaaa
Tera Contributor
In response to Randheer Singh

‎08-27-2025 10:57 PM

Hi Randheer Singh,

I'm unable to log in to my PDI. It asks for an authenticator code, but I had disabled MFA. When I try to scan the QR code again, it says: "You have an existing dev account for admin. Choose a different name for your new account." How can I access my existing PDI?

0 Helpfuls

Mark Roethof
Tera Patron

‎03-25-2025 06:13 AM

Hi there,

 

No customers yet on Yokohama, so can't respond from real experience. Though looking at the Docs:

 

"Enforcement of MFA for non-SSO logins to ServiceNow from the Yokohama release."

 

And else ofcourse admins can change this behavior.

 

Kind regards,

 

Mark Roethof

Independent ServiceNow Consultant

10x ServiceNow MVP

---

 

~444 Articles, Blogs, Videos, Podcasts, Share projects - Experiences from the field

LinkedIn