Portal Multi-Factor Policy Enhancements
Currently in our version of CAS, IDR Software Version: 12.9.0.0.4, the Portal Multi-Factor policy (System Policy) does not allow for multiple rule sets and the only Target Audience is All Authenticated Users.
We have a process where enrolling into our MDM, user would need to access the MDM via a non-trusted network. If there was the ability to Target these one-off via AD group, users to allow MFA Bypass during the MDM enrollment and remove them post enrollment would be ideal for the organization.
Currently I see no other way either by leveraging ODA, which often these are new user with no ODA enrollment of the Emergency Token feature.
Is there a configurable way to bypass the MFA for the enrollment as the Portal MFA policy overrides the Application policy which does allow for this workflow.
Hi Billy,
For the enhancement request, please add your request to our ideas page which can be found here RSA Ideas for RSA SecurID Access
In the interim, a potential solution might be to configure your MDM solution to integrate with our cloud IDP. This would bypass the portal and allow you to do group-based access control independent of your portal policy.