Overview

If a user has multi-factor authentication (MFA) set up but needs to access a specific Org without MFA, an Administrator can disable MFA for that Org either through the User Management screen or API (Swagger).

User Account Requirements

Only Administrators can opt users out of MFA on their Org.

Related Information/Setup

Please refer to the Multi-Factor Authentication User Setup article for more information on setting up users with MFA.

Opting Out of Multi-Factor Authentication for a User through User Management 

1. From the Home screen, click the Administration icon.
   

   Administration Icon

2. From the Administrator settings menu, click User Management. 
   

   Administrator Settings Menu

3. Search the name of the user you want to opt out of MFA and click their name.
   

   User Name

4. From the User Management: Edit User screen, navigate to the Account Status section.
   

   Account Status Section

5. Click the Enforce org-level MFA toggle switch to turn it off to opt the user out of MFA for that Org.
   

   Enforce Org-Level MFA Toggle Switch

Opting Out of Multi-Factor Authentication for a User through Swagger

1. From the Home screen, click the Administration icon.

   

   Administration Icon

2. From the Administrator settings menu, click User Management. 
   

   Administrator Settings Menu

3. From the Admin Overview screen, click the Swagger Docs tile under the Tools section.

   

   Swagger Docs Tile

4. From the Admin: Help screen, click the user topic to expand the list of endpoints and click Put /user/users/{id}/membership to open the parameters.

   

   API Endpoint

5. Click the example value to load the call into the body.  

   

   Example Value

6. Delete all additional calls and commas, excluding "mfaOptOut": true".

   

   Edit Body

7. Enter the user ID in the id field. For information on how to retrieve a user ID, click here.

   

   ID Field

8. Click the Execute button to execute the API call.

   

   Execute Button