Multi-factor Authentication
Safeguard against potential unauthorized access to your tools
Last updated
Safeguard against potential unauthorized access to your tools
Last updated
Multi-factor authentication (MFA) is a best-practice authentication method that improves security for user accounts and access requests. It adds an extra layer of verification beyond traditional username and password credentials.
Apono's implementation of MFA allows administrators to enforce additional authentication for specific access flows, particularly for sensitive environments or data.
When MFA is enabled for an access flow, you gain the following key benefits:
Enhanced security that blocks nearly 100% of automated account attacks
Access to Apono logs that record when MFA was performed
Support for all major authenticator apps
We strongly recommend enabling MFA for access requests to sensitive resources.
Once you have enabled MFA for at least one access flow, requesters will see a banner in the Apono UI prompting them to set up MFA for their accounts.
Follow these steps to enable MFA for a new access flow:
Begin creating a self serve access flow.
After entering the Access Flow Name, click the Require MFA toggle to enable MFA for the access flow. The toggle will appear green when it is enabled.
Complete the remaining access flow creation steps.
Follow these steps to enable MFA for an access flow:
On the Access Flows page, find an access flow.
In the row of the access flow, click ⋮ > Edit. The Edit Access Flow page appears.
Click the Require MFA toggle to enable MFA for the access flow. The toggle will appear green when it is enabled.
Click Save Access Flow. The completion page appears.
Click Done.
If an administrator has enabled MFA for a resource you are requesting, you will need to enable MFA for your account.
Follow these steps to complete the integration:
In the Apono UI, in the banner at the top of the page, click Set Up MFA. The Privacy & Security window appears.
You can also click your user avatar > Security & Privacy.
Under Multi-Factor Authentication, in the Add Authentication App box, click Set up. The Multi-Factor Authentication popup window appears.
Follow the on-screen prompts to complete the authentication setup. The MFA callout banner will disappear.
For any MFA-protected request, you will need to enter the six-digit code from your authenticator app. Your successful MFA will persist for an hour and apply to any requests made within this time.
\
