What is Two/Multi Factor Authentication
2FA/MFA is an authentication solution that requires a user to present two or more independent pieces of evidence as part of their authentication/login procedure. This often means using an Authenticator App on a mobile phone or a text message/SMS verification in addition to the common password-based login. This form of securing an application is commonly used to secure critical software and websites as a whole, or to ensure that access to certain user roles (like administrators or super users) have an additional layer of security in place.
The iGrafx Platform does not have a built-in multi factor authentication solution. However, we seamlessly integrate with a variety of SSO providers via our authentication schemes. Many of the SSO providers, in particular SAML-based Identity Providers like Microsoft Azure Active Directory, Ping or Okta and Auth0 allow you to configure 2FA/MFA directly in your identity solution. This can be achieved for your whole user base or on a per-role basis (enforcing 2FA/MFA for adminstrators). As the authentication happens prior to having access to data in the iGrafx Platform, it is not possible to use local groups or permissions from the iGrafx Platform to distinguish users that need 2FA/MFA from those that don't. In this case, we recommend integrating your user synchronization in the platform via an LDAP/Active Directory or SCIM service that connects to your Identity Provider. Groups will then be defined and maintained in your identity solution and the iGrafx Platform imports the group/user base automatically.