By: Akhina S Kumar Account Admin 15 Jul 2024 at 7:32 a.m. CDT

3 Responses
Hi Team,

We are trying to implement MFA authentication for one of our OIDC applications.

Expected Behaviour: The application should go through MFA whenever a user tries to access it.

Current Behaviour: Users are getting MFA if they are trying from a fresh browser. But if the browser already has a session of another application authenticated, users are able to access the application without any MFA.

Please let me know if you need any other information.

Thanks,
Akhina

By Michael Schwartz Account Admin 15 Jul 2024 at 8:09 a.m. CDT

The behavior you are describing is called SSO. It's normally up to the client to say if the `acr` in the id_token is not acceptable. See this issue if you want to hack stepped up authn on the IDP. https://support.gluu.org/authentication/11863/how-to-stepped-up-authentication-for-application/ And I'm closing this issue because the support entitlements of the customer don't cover this issue, and Sennovate is not a partner in good standing because they've never sold a single Gluu customer.
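
As an added illustration of the reply above (not code from Gluu or from the thread participants): a relying-party check that refuses an SSO-issued id_token whose `acr` or `auth_time` does not meet the application's policy, and builds a new authorization request with the standard OIDC `acr_values` and `max_age` parameters. The acr name `mfa_example`, the 300-second limit, the URLs and client values are assumptions, and the sample token is constructed and unsigned.

```python
import base64, json, time
from urllib.parse import urlencode

# Assumed policy for this sketch; real acr names come from the OP's configuration.
REQUIRED_ACRS = {"mfa_example"}   # placeholder acr value the application accepts
MAX_AUTH_AGE = 300                # seconds since the user last authenticated

def decode_claims(id_token):
    """Decode the JWT payload. Signature, iss, aud, exp and nonce must be verified first."""
    payload = id_token.split(".")[1]
    payload += "=" * (-len(payload) % 4)          # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def needs_step_up(claims, now=None):
    """Return a reason string if the session behind this token is too weak, else None."""
    now = time.time() if now is None else now
    if claims.get("acr") not in REQUIRED_ACRS:
        return "acr_not_acceptable"               # SSO session was created without MFA
    auth_time = claims.get("auth_time")
    if not isinstance(auth_time, (int, float)):
        return "auth_time_missing"
    if now - auth_time > MAX_AUTH_AGE:
        return "authentication_too_old"
    return None

def step_up_request(authorization_endpoint, client_id, redirect_uri, state, nonce):
    """Build a new authorization request asking the OP for the required acr.
    acr_values is a preference, so needs_step_up() must run again on the new token."""
    params = {
        "response_type": "code", "scope": "openid",
        "client_id": client_id, "redirect_uri": redirect_uri,
        "state": state, "nonce": nonce,
        "acr_values": " ".join(sorted(REQUIRED_ACRS)),
        "max_age": str(MAX_AUTH_AGE),
    }
    return authorization_endpoint + "?" + urlencode(params)

def constructed_token(claims):
    """Constructed, unsigned sample token for the demonstration only."""
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).rstrip(b"=").decode()
    return "e30." + body + ".sig"

if __name__ == "__main__":
    sso = constructed_token({"sub": "u1", "acr": "basic_example", "auth_time": 1000})
    reason = needs_step_up(decode_claims(sso), now=1100)
    if reason:
        print(reason, step_up_request("https://op.example/authorize", "rp1",
                                      "https://rp.example/cb", "s1", "n1"))
```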

By Michael Schwartz Account Admin 15 Jul 2024 at 8:11 a.m. CDT

See above.

By Michael Schwartz Account Admin 15 Jul 2024 at 8:12 a.m. CDT

BTW, if you want community support, start using Janssen Project: https://jans.io and then you can post on https://jans.io/discussions