Customize the MFA Frequency

Problem Statement:

I know that when provider is set to google-authenticator or duo, we can enforce custom MFA policy to skip MFA for 30 days. Is it possible to memorize the device for only 1 day or several days?


Changing the period for remembering the device is not customizable at the moment. But, there can be different ways to decide on the MFA frequency depending on your business use case.

Using rules as explained here: Require MFA once per session
Using Post-Login action to enforce custom MFA policy:
Login Flow
Actions Triggers: post-login - Event Object
Actions Triggers: post-login - API Object