SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.

Portal Multi-Factor Policy to Allow Multiple Rule-Sets

Portal Multi-Factor Policy Enhancements 

Currently in our version of CAS, IDR Software Version:, the Portal Multi-Factor policy (System Policy) does not allow for multiple rule sets and the only Target Audience is All Authenticated Users.  


We have a process where enrolling into our MDM, user would need to access the MDM via a non-trusted network.  If there was the ability to Target these one-off via AD group, users to allow MFA Bypass during the MDM enrollment and remove them post enrollment would be ideal for the organization.


Currently I see no other way either by leveraging ODA, which often these are new user with no ODA enrollment of the Emergency Token feature.


Is there a configurable way to bypass the MFA for the enrollment as the Portal MFA policy overrides the Application policy which does allow for this workflow.

Labels (1)
4 Replies
Frequent Contributor Frequent Contributor
Frequent Contributor

Hi Billy,


For the enhancement request, please add your request to our ideas page which can be found here


In the interim, a potential solution might be to configure your MDM solution to integrate with our cloud IDP. This would bypass the portal and allow you to do group-based access control independent of your portal policy.

Thanks Randy, I’ll look to see if there is any Intune integration with RSA.


Sent from Outer Internets


My pleasure!


It looks like you may be using RSA SecurID Access for SSO access to Office365. The cloud IDP may not be a viable solution since authentication into Intune is pretty much "hitched" to the overall Office365 authentication process.

Please reach out to me (Randy Belbin) and Stephen Coltart‌ directly and let's set up a time to work through some options.


Hi Randy, I have a WS-Federation Office365 Direct STS Configured in Production.  RSA is providing Authentication via SSO and MFA.