Note: If you're using trusted corporate devices with certificates or trusted networks (via VPN, Zero Trust Network Access, IP allowlists, trusted IP ranges, or login IP ranges, for example) for SSO access, go to Question 4. See Use Salesforce MFA for SSO Logins in Salesforce Help for details. For products built on the Salesforce Platform, you can use the free MFA functionality provided in Salesforce instead of enabling MFA at the SSO level.Integrate a Continuous Adaptive Risk and Trust Assessment (CARTA) or risk-based authentication system with your SSO solution.Talk to your SSO provider about using their MFA service.To satisfy the MFA requirement, consider these options: Copy the proprietary JAR itself into the same directory. Copy the linking JAR, in this case ant-jai.jar, into the library directory you chose in step 1 above. Unzip or untar the distribution into a temporary directory. One-time passcodes via email, text messages, and voice calls aren't acceptable. Download a non-JPackage binary distribution from the regular Apache Ant site. Your Salesforce users must receive an MFA challenge when they log in to your SSO site and they must verify their identity with a strong verification method. Note: If your users aren't prompted for a verification method on every login because you've implemented a Continuous Adaptive Risk and Trust Assessment (CARTA) or risk-based authentication system, your implementation satisfies the MFA requirement. Awesome! Based on your answers, you satisfy the MFA requirement because you're using SSO and MFA with strong verification methods to access Salesforce products.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |