MFA Once per Session Action FAQ example seems incomplete

I’ve read this recent FAQ post about using the mfa once per session process as an action

But while this technically works, this feels incomplete when compared to the original Rules-based implemention, which checked for a mfa confirmation, and had the user proceed… Setting the 30 day MFA flag automatically doesn’t give the end-user the ability to see their MFA confirmation on logout.

Can an implementation that’s equivalent to the rules “Require MFA once per session” implementation be provided?


1 Like