Enabling MFA for the Local Login of SSO Users

In the current configuration of F5 Distributed Cloud, SSO-enabled users retain the ability to log in locally as a fallback if SSO fails—this is by design. However, Multi-Factor Authentication (MFA) cannot be enforced for these local logins unless the user is a Tenant Owner. This limitation poses a significant security risk, as it leaves local logins of SSO users unprotected by MFA. We recommend enabling MFA support for all local login attempts in SSO-enabled environments to enhance security posture.

  • Isuru Jayaweera
  • Apr 11 2025
  • Attach files