Skip to content

Configuring Multifactor Authentication

You can configure identity profile settings to require users to use an external mobile authenticator to sign in to IdentityNow.


In December 2023, SailPoint changed the requirements for accessing the admin interface. As part of this change, all Identity Security Cloud users with elevated permissions will be required to configure a Time-Based One-Time Password (TOTP) device. Refer to the SaaS Updates for more information.

  1. Go to Admin > Identity Management > Identity Profiles.

  2. Select the identity profile you want to configure to use MFA.

  3. Under Sign-in Method, select Multifactor Authentication.

The next time users on that source try to sign into IdentityNow, they will be prompted to set up their mobile device with an external authenticator. They will be prompted for a verification code from the authenticator on subsequent logins.


This is different from using two-factor authentication for password updates and authentication.