Using Mobile Authenticator Redirect

Users who have multiple accounts can redirect their Mobile Authenticator notifications to another user account. When you choose Mobile Authenticator as one of your MFA methods, you can specify a particular user account to receive authentication notifications. Then, when you attempt to log in to an account that has been activated with this feature, the device for the specified target account receives the authentication request.

For example:

A user has two accounts, called UserA and UserB. The user chooses Mobile Authenticator as one of their MFA options and the system administrator has activated the Mobile Authenticator Redirect feature for this user.

The user logs in to his UserA account and enables Mobile Authenticator Redirect. The user specifies UserB as the target recipient of the notifications.

The user then logs in to a device registered under the UserA account. A different device, which is registered under the UserB account, receives a Mobile Authenticator notification to authenticate UserA. When the Approve button is tapped on the notification window, the UserA login is successful.

There are two ways to activate Mobile Authenticator Redirect:

  • Sys Admin Activation. The system administrator can make changes to the user profile.
  • User Activation. If the policy has been activated for users by the system administrator, users can modify their activate Mobile Authenticator Redirect for themselves in the Admin Portal . For more information, see Activating the Mobile Authenticator Redirect feature in the Admin Portal .