MFA is very critical for Cloud Security. Below are one-time setup steps to make MFA enabled for all users in OCI. After following these steps, all users will be prompted to set up MFA on their next login. After setting up MFA, the user will be required to provide an MFA code in addition to their password when logging in to Oracle Cloud.
For enabling MFA FOR IDCS federated users,
Go to IDCS Admin console
Select MFA under Security
Choose whatever factor you want to enable for users and click save:
And then changed the sign-on policies
Either edit the default sign-on policy or create a custom policy
Click on sign-on rules and click edit
Select either “any factor” or “specific factor” as per need
The below screen will prompt now for our tenancy for ALL users trying to access to do 2-factor authentication:
Any method can be chosen by the user since we enabled all the factors in this example:
We enabled the mobile app so the cell phone was enrolled.
Next time when user will log in, the user will get the below screen:
Only after successful verification on the cell phone, the Console will appear.
Please note that the MFA setup process might be slightly different depending on the Oracle Cloud version or edition you are using, and the specific feature set available to you, please refer to the Oracle Cloud documentation for more detailed steps on how to enable MFA for your specific case.
- Oracle Database Service for Azure (ODSA) 3 – Database Services - May 1, 2023
- Oracle Database Service for Azure (ODSA) 2 – Interconnect Details - April 30, 2023
- Oracle Database Service for Azure (ODSA) 1 – Fundamentals - April 29, 2023