{"id":76786,"date":"2023-06-05T13:11:34","date_gmt":"2023-06-05T17:11:34","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&#038;p=76786"},"modified":"2025-02-21T16:03:07","modified_gmt":"2025-02-21T21:03:07","slug":"require-mfa-for-users","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/require-mfa-for-users","title":{"rendered":"Require MFA for Users"},"content":{"rendered":"\n<p>After you\u2019ve configured an MFA factor type, you need to require MFA on your users. If you don\u2019t, your users can log in to their resources with just their username and password.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-requiring-mfa-for-users\">Requiring MFA for Users<\/h2>\n\n\n\n<p>You can require MFA in the Admin Portal the following ways:<\/p>\n\n\n\n<ul>\n<li><a href=\"#from-individual-user-accounts\">From Individual User Accounts<\/a><\/li>\n\n\n\n<li><a href=\"#from-the-more-actions-menu\">From the More Actions Menu<\/a><\/li>\n\n\n\n<li><a href=\"#with-a-conditional-access-policy\">On User Groups with a Conditional Access Policy<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-from-individual-user-accounts\">From Individual User Accounts<\/h3>\n\n\n\n<p><strong>To require MFA factors for the User Portal on an individual user account<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Edit a user or create a new user in the Admin Portal. See&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/get-started-users\" target=\"_blank\" rel=\"noreferrer noopener\">Get Started: Users<\/a>.<\/li>\n\n\n\n<li>In the&nbsp;<strong>User Security Settings and Permissions<\/strong>&nbsp;section, select&nbsp;<strong>Require Multi-factor Authentication for User Portal<\/strong>&nbsp;option.&nbsp;<strong>Note<\/strong>: The enrollment period only affects TOTP MFA.<\/li>\n\n\n\n<li>Click&nbsp;<strong>save user<\/strong>.<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-from-the-more-actions-menu\">From the More Actions Menu<\/h3>\n\n\n\n<p><strong>To require MFA factors for the User Portal on existing users from the more actions menu<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Select any users you want to require MFA for.<\/li>\n\n\n\n<li>Click more actions, then select&nbsp;<strong>Require MFA on User Portal<\/strong>.<\/li>\n\n\n\n<li>Specify the number of days the user has to enroll in MFA before they are required to have MFA at login. You can specify a number of days between 1 and 365. The default value is 7 days.<\/li>\n\n\n\n<li>Click&nbsp;<strong>require<\/strong>&nbsp;to add this requirement to the selected users.<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-with-a-conditional-access-policy\">With a Conditional Access Policy<\/h3>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card important\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/important-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Important:<\/strong> \n<p>Read&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/get-started-conditional-access-policies\" target=\"_blank\" rel=\"noreferrer noopener\">Get Started: Conditional Access Policies<\/a>&nbsp;before you require MFA with&nbsp;a policy.&nbsp;<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p><strong>To require MFA factors with a Conditional Access Policy<\/strong>:&nbsp;<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\/admin\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>SECURITY MANAGEMENT&nbsp;<\/strong>&gt;&nbsp;<strong>Conditional Policies<\/strong>.<\/li>\n\n\n\n<li>Click (<strong>+<\/strong>).&nbsp;<\/li>\n\n\n\n<li>Enter a unique&nbsp;<strong>Policy Name<\/strong>.<\/li>\n\n\n\n<li>Optionally, enter a description for the policy.<\/li>\n\n\n\n<li>If you don\u2019t want the policy to take effect right away, toggle the&nbsp;<strong>Policy Status<\/strong>&nbsp;to&nbsp;<strong>OFF<\/strong>&nbsp;and finish the rest of the configuration. When you\u2019re ready for the policy to apply, you can toggle the&nbsp;<strong>Policy Status<\/strong>&nbsp;to&nbsp;<strong>ON<\/strong>.&nbsp;<\/li>\n\n\n\n<li>For&nbsp;<strong>Users<\/strong>, choose one of the following options:\n<ul>\n<li>Select&nbsp;<strong>All Users<\/strong>&nbsp;if you want the policy to apply to all users.&nbsp;<\/li>\n\n\n\n<li>Select&nbsp;<strong>Selected User Groups<\/strong>&nbsp;if you want the policy to apply to specific user groups, then search for those user groups and select them. If you need to create user groups, see&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/get-started-user-groups\" target=\"_blank\" rel=\"noreferrer noopener\">Get Started: User Groups<\/a>.&nbsp;<\/li>\n\n\n\n<li>If there are User Groups you want to exclude from the policy, search for the user groups and select them in the search bar under&nbsp;<strong>Excluded User Groups<\/strong>.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Optionally, set the conditions a user needs to meet.&nbsp;<strong>Note<\/strong>: Conditions is a premium feature available in the Platform Prime plan. Learn more about conditions in&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/get-started-conditional-access-policies\" target=\"_blank\" rel=\"noreferrer noopener\">Get Started: Conditional Access Policies<\/a>.&nbsp;<\/li>\n\n\n\n<li>In&nbsp;<strong>Action<\/strong>, select&nbsp;<strong>Allow authentication into selected resources<\/strong>, then select the&nbsp;<strong>Require MFA&nbsp;<\/strong>option.&nbsp;<\/li>\n\n\n\n<li>Click&nbsp;<strong>create policy<\/strong>.&nbsp;<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-understanding-user-mfa-enrollment-options\">Understanding User MFA Enrollment Options<\/h2>\n\n\n\n<p>There are two types of MFA enrollment for users:<\/p>\n\n\n\n<ol>\n<li>Forced MFA Enrollment<\/li>\n\n\n\n<li>Soft TOTP MFA Enrollment<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-about-forced-mfa-enrollment\">About Forced MFA Enrollment<\/h3>\n\n\n\n<p>If you require MFA for your users with a Conditional Access Policy, users are forced to enroll in MFA the next time they log in. To require MFA for your users with a Conditional Access Policy, see&nbsp;<a href=\"#CAP\">Requiring MFA with a Conditional Access Policy<\/a> above.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-about-soft-totp-mfa-enrollment\">About Soft TOTP MFA Enrollment<\/h3>\n\n\n\n<p>Soft TOTP MFA enrollment applies to TOTP MFA only. If there&#8217;s more than one MFA solution enabled, a user can select to enroll with&nbsp;an MFA solution that isn&#8217;t TOTP. After they finish setting up the non-TOTP MFA solution, they need to go back and enroll in TOTP MFA. If a user doesn&#8217;t enroll in TOTP MFA during the enrollment period, they are locked out of resources that are protected by TOTP MFA&nbsp;and you need to reset TOTP MFA for the user.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-starting-totp-mfa-enrollment-for-your-users\">Starting TOTP MFA Enrollment for Your Users<\/h3>\n\n\n\n<p>You can start a soft TOTP MFA enrollment period from an individual user account or with the More Actions menu.<\/p>\n\n\n\n<p><strong>To begin a soft TOTP MFA enrollment period from an individual account<\/strong>:&nbsp;<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\/admin\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>USER MANAGEMENT<\/strong>&nbsp;&gt;&nbsp;<strong>Users<\/strong>.<\/li>\n\n\n\n<li>Select an existing user or create a new one. To learn how to create a new user, see&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/get-started-users\" target=\"_blank\" rel=\"noreferrer noopener\">Get Started: Users<\/a>.&nbsp;<\/li>\n\n\n\n<li>Select the&nbsp;<strong>Details<\/strong>&nbsp;tab, then expand&nbsp;<strong>User Security Settings and Permissions<\/strong>.<\/li>\n\n\n\n<li>For&nbsp;<strong>Multi-Factor Authentication Settings<\/strong>, select&nbsp;<strong>Require Multi-factor Authentication on the User Portal<\/strong>, then enter the number of days the user has to enroll in MFA.&nbsp;<\/li>\n\n\n\n<li>Click&nbsp;<strong>save user<\/strong>.&nbsp;<\/li>\n<\/ol>\n\n\n\n<p><strong>To begin a soft TOTP MFA enrollment period from the more actions menu<\/strong>:&nbsp;<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\/admin\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>USER MANAGEMENT<\/strong>&nbsp;&gt;&nbsp;<strong>Users<\/strong>.<\/li>\n\n\n\n<li>Select the users you want to be in the enrollment period.<\/li>\n\n\n\n<li>In the top right, click&nbsp;<strong>more actions<\/strong>, then select&nbsp;<strong>Require User MFA.<\/strong>&nbsp;<\/li>\n\n\n\n<li>From the&nbsp;<strong>Require MFA on User Portal<\/strong>&nbsp;modal, enter the number of days users have to enroll in MFA.&nbsp;<\/li>\n\n\n\n<li>Click&nbsp;<strong>require<\/strong>.&nbsp;<\/li>\n<\/ol>\n\n\n\n<p>When you begin an enrollment period, users receive an email notification. The email lets them know how long their enrollment period is and gives them a link to set up TOTP MFA.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-resetting-totp-mfa-enrollment-for-a-user\">Resetting TOTP MFA Enrollment for a User<\/h2>\n\n\n\n<p>If a user doesn\u2019t set up TOTP MFA and the enrollment period expires, the user is locked out of their account, and you need to reset their enrollment period.&nbsp;<\/p>\n\n\n\n<p><strong>To reset a user\u2019s TOTP MFA enrollment period<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\/admin\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>USER MANAGEMENT<\/strong>&nbsp;&gt;&nbsp;<strong>Users<\/strong>.<\/li>\n\n\n\n<li>Select the user from the Users list.&nbsp;<\/li>\n\n\n\n<li>On the left side of the User Panel, select&nbsp;<strong>TOTP MFA expired<\/strong>, then click&nbsp;<strong>reset TOTP MFA<\/strong>.&nbsp;<\/li>\n\n\n\n<li>Click&nbsp;<strong>save user<\/strong>.&nbsp;<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-viewing-users-totp-mfa-status\">Viewing Users\u2019 TOTP MFA Status<\/h2>\n\n\n\n<p>You can view users\u2019 TOTP MFA status to monitor who\u2019s set up MFA, still in the enrollment period, and has had the enrollment period expired.&nbsp;<\/p>\n\n\n\n<p><strong>To view a users TOTP MFA status<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/login\/admin\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>USER MANAGEMENT<\/strong>&nbsp;&gt;&nbsp;<strong>Users<\/strong>.<\/li>\n<\/ol>\n\n\n\n<p>The Users list MFA column, which defaults to TOTP, shows you a user&#8217;s TOTP MFA status. When you hover over the status, you can see TOTP MFA status details for a user. The following TOTP MFA Statuses are possible:<\/p>\n\n\n\n<ul>\n<li>A user has enrolled sucessfully in TOTP MFA .<\/li>\n\n\n\n<li>A user has not completed TOTP enrollment.<\/li>\n\n\n\n<li>A user is in a TOTP MFA enrollment period (dates included).&nbsp;<\/li>\n\n\n\n<li>A user&#8217;s TOTP MFA enrollment period has expired (expiration date included).&nbsp;<\/li>\n\n\n\n<li>A user is in Pre-Enrollment, meaning their enrollment period will begin when their user state changes to active.<\/li>\n<\/ul>\n\n\n\n<p>You can also view a user&#8217;s MFA status in their user details.<\/p>\n\n\n\n<p>You can filter the Users list to show MFA status and requirement. See&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/get-started-users\" target=\"_blank\" rel=\"noreferrer noopener\">Get Started: Users<\/a>. &nbsp;<\/p>\n\n\n\n<p>To see users in an enrollment period, filter by&nbsp;<em>both<\/em>&nbsp;the required and inactive MFA status filters. Likewise, to see users with an expired enrollment period, also apply&nbsp;<em>both<\/em>&nbsp;the required and inactive MFA status filters.<\/p>\n\n\n\n<p>Learn more in&nbsp;<a href=\"#reset\">Resetting MFA Enrollment for a User<\/a> above.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-looking-at-the-user-workflow-nbsp-nbsp\">Looking at the User Workflow&nbsp;&nbsp;<\/h2>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<ul>\n<li>If you begin an enrollment period and a user already has set up MFA, they don\u2019t see the enrollment modal.&nbsp;<\/li>\n\n\n\n<li>You can use JumpCloud Protect&nbsp;for Push MFA as well as Verification Code (TOTP) MFA. See&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/jumpcloud-protect-for-end-users\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Protect for End Users<\/a>&nbsp;for more information.<\/li>\n\n\n\n<li>If you enabled Duo Security MFA, there\u2019s no additional setup for users, so Duo isn\u2019t part of the enrollment modal.&nbsp;<\/li>\n\n\n\n<li>WebAuthn can\u2019t be the only MFA solution enabled. You need to enable Duo or TOTP with WebAuthn. See <a href=\"https:\/\/jumpcloud.com\/support\/mfa-for-admins\" target=\"_blank\" rel=\"noreferrer noopener\">MFA for Admins<\/a>&nbsp;for more information.&nbsp;<\/li>\n<\/ul>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p>When you begin an enrollment process, the following is what the user experience is like for a user who hasn\u2019t set up MFA:<\/p>\n\n\n\n<ol>\n<li>The user will receive an email, or will get a prompt when they log in to the User Portal.<\/li>\n\n\n\n<li>The user sees a Set Up Multi-Factor Authentication modal. If it\u2019s a forced enrollment, the user won\u2019t be able to skip it. If it includes a soft&nbsp;TOTP MFA enrollment, the user can skip it.\n<ol class=\"is-lower-alpha\">\n<li>If you enabled TOTP MFA as the single MFA solution, the user has to set up TOTP MFA.<\/li>\n\n\n\n<li>If you enabled TOTP MFA and WebAuthn, the user can choose which MFA solution to set up first. By default, TOTP MFA is selected.<strong>&nbsp;Note<\/strong>: If the users sets up WebAuthn first, they need to go back and set up TOTP MFA. &nbsp; &nbsp;<\/li>\n\n\n\n<li>If you set up Duo MFA and WebAuthn, the user has to set up WebAuthn.<\/li>\n<\/ol>\n<\/li>\n\n\n\n<li>After an\u00a0MFA solution has been selected, the user clicks continue and sets up MFA. \n<ul>\n<li>The user will be provided with a QR code and TOTP token that can be used to configure a qualified TOTP app (we recommend that users use the JumpCloud Protect app for TOTP).<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card tip\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/tip-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Tip:<\/strong> \n<p>For backup purposes, we recommend that users copy and paste their TOTP key string below the QR code and store it in a secure location. This key can be used to reset TOTP MFA if a users loses their device with the TOTP token app.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>When a user&#8217;s enrollment is close to expiring, they are sent a reminder 24 hours in advance notifying them that their TOTP MFA enrollment period is about to expire. After their enrollment period expires, they are locked out of the User Portal until their TOTP MFA requirement is removed by an administrator or their enrollment time is extended. <\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card tip\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/tip-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Tip:<\/strong> \n<p>Here&#8217;s a guided simulation: <a href=\"https:\/\/university.jumpcloud.com\/courses\/user-portal-mfa-totp-login\" target=\"_blank\" rel=\"noreferrer noopener\">User Portal MFA TOTP Login<\/a>.<\/p>\n <\/div><\/div><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>After you\u2019ve configured an MFA factor type, you need to require MFA on your users. If you don\u2019t, your users [&hellip;]<\/p>\n","protected":false},"author":204,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2908,2854,2932,2850],"support_tag":[],"coauthors":[2838],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Require MFA for Users - JumpCloud<\/title>\n<meta name=\"description\" content=\"Learn how to require MFA for your users in JumpCloud.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/require-mfa-for-users\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Require MFA for Users\" \/>\n<meta property=\"og:description\" content=\"Browse the JumpCloud Help Center by category, search for a specific topic, or check out our featured articles.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/require-mfa-for-users\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2025-02-21T21:03:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2024\/07\/202405-MISC-JumpCloudHelpCenter-SiteDisplay-min-2.png\" \/>\n\t<meta property=\"og:image:width\" content=\"890\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"8 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"jenniferklein\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/require-mfa-for-users\",\"url\":\"https:\/\/jumpcloud.com\/support\/require-mfa-for-users\",\"name\":\"Require MFA for Users - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"datePublished\":\"2023-06-05T17:11:34+00:00\",\"dateModified\":\"2025-02-21T21:03:07+00:00\",\"description\":\"Learn how to require MFA for your users in JumpCloud.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/require-mfa-for-users#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/require-mfa-for-users\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/require-mfa-for-users#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Require MFA for Users\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Require MFA for Users - JumpCloud","description":"Learn how to require MFA for your users in JumpCloud.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/require-mfa-for-users","og_locale":"en_US","og_type":"article","og_title":"Require MFA for Users","og_description":"Browse the JumpCloud Help Center by category, search for a specific topic, or check out our featured articles.","og_url":"https:\/\/jumpcloud.com\/support\/require-mfa-for-users","og_site_name":"JumpCloud","article_modified_time":"2025-02-21T21:03:07+00:00","og_image":[{"width":890,"height":525,"url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2024\/07\/202405-MISC-JumpCloudHelpCenter-SiteDisplay-min-2.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"8 minutes","Written by":"jenniferklein"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/require-mfa-for-users","url":"https:\/\/jumpcloud.com\/support\/require-mfa-for-users","name":"Require MFA for Users - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"datePublished":"2023-06-05T17:11:34+00:00","dateModified":"2025-02-21T21:03:07+00:00","description":"Learn how to require MFA for your users in JumpCloud.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/require-mfa-for-users#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/require-mfa-for-users"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/require-mfa-for-users#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Require MFA for Users"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/76786"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/204"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/76786\/revisions"}],"predecessor-version":[{"id":121524,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/76786\/revisions\/121524"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=76786"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=76786"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=76786"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=76786"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}