MFA - how do I know if User has it enabled?

David_Mann · December 5, 2023, 11:38am

Hello all,

Genesys Cloud CX released the MFA feature on user accounts a few months ago. As Admins we are able to reset their accounts and remove the MFA Devices.

But How does an admin know if the account has an MFA device added?

I can see there is three permissions regarding this MFA feature. mfa > verifier > Delete/Edit/View

How can I see if a user has a device added to the account?

also from this image below, our Org uses SSO, so if we enable it in Org Settings. Does this mean no one who uses SSO will be prompted to add a device or will all of our users now be asked to add a device but wont receive MFA prompts?
then those who dont use SSO will be prompted for MFA each login?

David_Mann · December 5, 2023, 1:24pm

Hello all,

I have only found one solution to this so far.

It has to be done by API POST.

Head on over to https://developer.genesys.cloud/

Do a User search using the following Parameters:

POST /api/v2/users/search

{
"sortOrder": "DESC",
"sortBy": "email",
"pageSize": 1,
"pageNumber": 1,
"query": [
{
"fields": [
"email"
],
"value": "",
"type": "EXACT",
"operator": "AND"
}
]
}

Once you get the the results you are looking for the USERID. Copy this and then move down the page to do a another GET search using

GET /api/v2/users/{userId}/verifiers

Inputting the UserID.

It will then display how many MFA verifiers the person has set up along with if its the default one or if its enabled etc.

Hope this helps anyone else, if there is an easier way let me know. thanks

system · January 5, 2024, 1:25pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.