The PingOne MFA IdP Adapter allows you to prompt users to set up their first multi-factor authentication (MFA) method.
After a user completes first-factor authentication, the adapter gets a list of the user's second-factor authentication methods from PingOne. For users that don't have any existing authentication methods, the MFA setup prompt appears.
The user can click Setup, then select the type of authentication method they want to add. You can include an optional Skip button if you don't want to force users to set up MFA.
To enable this feature, follow this guide while you complete the steps in MFA setup.
When Configuring an adapter instance, do the
- Select the Prompt Users to Set Up MFA check box.
If you want to make MFA optional, select the Allow Users to
Skip MFA Setup check box.
This lets the user sign on without adding an authentication method.
When Creating an MFA authentication policy in PingOne, in the None or incompatible
methods section, select Block.