Assign a Security Policy to a User
Adding security policies to your primary user directory enables you to apply restrictions and protocols to users on an individual or group basis. With OneLogin, you can create policies for password specifications, session activity controls, multi-factor authentication (MFA), and IP address whitelists. For more information, see User Policies.
Note: This procedure assumes that you have already created at least one user. For more information, see Add Users to OneLogin.
To add MFA to your account:
Sign in to your OneLogin account as an administrator.
Go to Security > Authentication Factors > New Auth Factor and choose the factor(s) that you want to add.
Go to Security > Policies and select Default policy.
On the MFA page in the One-time passwords section, check OTP Auth required and select the factor(s) that you added in the previous step.
In the Enforcement section, choose the users that should be required to use MFA the next time they attempt to sign in.
Click Save.
All users on this policy now have access to MFA from their profile page. You must add one or more authentication factors for your OneLogin account to use MFA.
Note: You can also assign MFA security policies to groups. For more information, see Use MFA for extra security.
To assign a default policy to a user:
Sign in to your OneLogin account as an administrator.
Click Administration on the toolbar to go to the Admin panel.
Go to Users > Users and select one of the users on the page.
On the User Info page, select Authentication.
In the Authentication window, in the User security policy drop-down list, choose Default policy.
Click Save User.
You can now add and configure MFA factors that you want available for your users.
If you’ve been using OneLogin’s free 30-day trial, click here to learn how to buy OneLogin.
