I’m trying to figure out how to write an Action (or Rule if necessary) that implements the following logic:
if new device:
require mfa
else if last MFA was more than 7 days ago:
require mfa
The gist: require the user to MFA at least every 7 days, but also capture cases where there’s no evidence of having previously MFA’d from the device/browser in question.
Hi @markd,
Check out the NewDevice object:
event.authentication.riskAssessment.assessments.NewDevice.confidence
For this, you’ll need to set up a way to store and check for the last time a user was able to authenticate with MFA. I think you could use app_metadata for this.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.