From a configuration perspective MFA can be triggered from rules or through the Require Multi-factor Auth setting available in the MFA dashboard section. It’s a long shot, but have you already confirmed that this other settings is not configured to always require MFA?
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Will This If Conditional Execute? | 6 | 33 | October 2, 2024 | |
| Conditional multi-factor rule removes permissions from JWT | 9 | 4006 | March 9, 2021 | |
| MFA not required even though factor is enabled? | 9 | 43 | April 1, 2025 | |
| Not able to refresh token if mfa is eanbled (Error: mfa_required) | 6 | 4385 | April 7, 2023 | |
| Require MFA once per session rule only for enrolled users | 2 | 1934 | November 2, 2022 |