A sign-on policy dictates how the user's identity will be verified when signing on to the system.
In this example, you’ll configure the multi-factor authentication (MFA) step in a sign-on policy for pushless and time-based one-time password (TOTP) authenticator app support. This step is an extension of MFA using a mobile application.
Configuring pushless and TOTP MFA for a mobile application using the admin console
- Go to .
- Locate your MFA policy and click the entry to open the details panel.
- Click the Pencil icon to enter edit mode.
- In + Application. , click
-
In OTP & Push, select one of the following
options:
- OTP: TOTP is enabled and Push is disabled.
- Push (default): Push is enabled and TOTP is disabled.
- OTP & Push: TOTP and Push are enabled.
- Click Save.
Configuring pushless and TOTP MFA for a mobile application using the API
Application developers can use the API operations to configure TOTP and pushless MFA using a mobile app. The applications parameter is an array of native applications, with additional configuration options for TOTP and pushless MFA.
For more information, see Creating a native app and creating a sign-on policy for a TOTP device.