Multi-factor authentication for Customer and Consumer Service Portals

  • Versão de lançamento: Australia
  • Atualizado 12 de mar. de 2026
  • 2 min. de leitura

    • Multi-factor authentication, also known as two-step verification, is a security requirement that asserts a user enter more than one set of credentials.

    Enable multi-factor authentication for Customer and Consumer Service Portal users so that access to the self-service web portals is more secure from potential vulnerabilities. For more information, see Multifactor authentication (MFA).

    Multi-factor authentication properties

    Use properties to enable role-based multi-factor authentication criteria and configure the behavior.
    Tabela 1. Properties for multi-factor authentication
    Property Description
    Enable Multi-factor authentication

    [glide.authenticate.multifactor]

    		 Select this check box to enable users and administrators to use this feature.
    • Type: enabled | disabled
    • Default value: enabled
    • Location: Multi-factor Authentication > Properties
    Number of times a user can bypass setting up multi-factor authentication

    [glide.authenticate.multifactor.setup.bypass.count]

    		 Enter a number that represents how many times a user can skip the additional passcode requirement, allowing them to log in even without their mobile device. If you disable this feature and then re-enable it, the counter starts over again.
    • Type: string
    • Default value: 3
    • Location: Multi-factor Authentication > Properties
    The time in minutes, the one-time code sent to user's email address is valid for

    [glide.multifactor.onetime.code.validity]

    		 Enter a number in minutes that specifies how long the reset code is valid. See Log on with multi-factor authentication.
    • Type: string
    • Default value: 10
    • Location: Multi-factor Authentication > Properties
    Additional time in seconds for which the code will be valid to accommodate for the clock skew. Max value is 60 seconds.

    [glide.authenticate.multifactor.clock_skew]

    		 Enter a number in seconds with a maximum of 60.

    By default, the instance validates the code entered by you against the single app-generated code generated at whatever the current time is. You can skew the time window with this property and allow one or more codes generated during a time window to be considered valid.

    The property's value is used in the following calculation: current time - x/2 and current time + x/2, where 'x' is the value of this property. If you use the value of 10, for example, the instance considers any codes generated by the app between the time range [the current time - 5 seconds] and [current time + 5 seconds] to be valid.

    Use this property to help prevent log in issues where you’re unable to enter the correct code in the default time allotted.

    Configure roles for multi-factor authentication

    Add the following external roles to the multi-factor roles:
    • sn_customerservice.customer
    • sn_customerservice.consumer
    Users with these roles are required to use multi-factor authentication. For more information, see Configure user-based multi-factor criteria.