This configuration is optional for Service Providers (SP).
As a SP, you can require that your business partners meet additional authentication requirements before they can access the resources/applications hosted on your Centrify tenant. For example, you can require that your partner authenticate by answering a security question. This additional requirement ensures that the partner user is using multi-factor authentication (MFA) to access your Centrify tenant.
To specify additional authentication requirements:
- Login to Admin Portal.
- Click Access > Policies.
- Select the relevant policy set.
- Click Login Policies > Centrify Portal.
Define the authentication requirements you want your partner users to meet. See How to define authentication requirements.
Note: We recommend that you do not define password as one of the additional authentication mechanisms because Privileged Access Service assumes that your partners are logging in using a username/password. If you specify password as one of the authentication mechanism, it will be ignored. For example, if you choose an authentication profile with phone call and password as the authentication mechanisms, the partner user will only be authenticated using phone call.
- Select the Apply additional authentication rules to federated users checkbox.
- Click Save.