All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Access - AAGUID restrictions and AMR matching for Access independent MFA

2mo ago

Source

CloudflareAccess - AAGUID restrictions and AMR matching for Access independent MFAcloudflare.com
Snippet from the RSS feed
Independent MFA in Cloudflare Access now supports two additional organization-level controls: Restrict authenticators by AAGUID — Limit enrollment to a specific set of WebAuthn authenticators using their AAGUID . This is useful for organizations that require FIPS-validated security keys or company-issued hardware. AAGUIDs are managed through a new List type. AMR matching — Skip the independent MFA prompt when the identity provider has already performed an equivalent MFA. Access reads the amr claim defined in RFC 8176 and matches supported values such as hwk , otp , and fpt to the authenticator types allowed on the application or policy. This prevents users from having to complete MFA twice when their identity provider already enforces it. To get started, refer to Independent MFA .

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.