Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Document MFA enforcement #26750

Merged
merged 5 commits into from
Dec 16, 2024
Merged

Document MFA enforcement #26750

merged 5 commits into from
Dec 16, 2024

Conversation

urseberry
Copy link
Contributor

@urseberry urseberry commented Dec 12, 2024

What does this PR do? What is the motivation?

https://datadoghq.atlassian.net/browse/DOCS-9658

Merge instructions

Merge readiness:

  • Ready for merge

Merge queue is enabled in this repo. To have it automatically merged after it receives the required reviews, create the PR (from a branch that follows the <yourname>/description naming convention) and then add the following PR comment:

/merge

Additional notes

@urseberry urseberry requested a review from a team as a code owner December 12, 2024 20:56
@urseberry urseberry added the under_review Sent to someone outside of the docs team for review. label Dec 12, 2024
Copy link
Contributor

- In Login Methods, a link to **View users without MFA** appears. Click on the link to see the Users list, filtered on users without MFA.

The setting to require multi-factor authentication is independent of the default login method settings. Regardless of which login methods you enable by default, enforcing MFA requires a second authentication factor for users that log in with an email and password.

## Reviewing user overrides

Using overrides, you can change the available login methods for individual users. In the following example, **Sign in with Google** is Off by default in the organization, but one user has it enabled by having an override set.

{{< img src="account_management/login_methods_disabled_overrides_set.png" alt="Login method disabled, with user override enabled" style="width:80%;">}}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could use the following updated screenshot that includes MFA enforcement:

image

Copy link
Contributor

@anthony-dgx anthony-dgx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added two minor suggestions, but overall it looks good to me 👍


Setting **Require Multi-Factor Authentication** to `On` has two effects:
- Users that log in with an email and password must register a second authentication factor before accessing the organization.
- In Login Methods, a link to **View users without MFA** appears. Click on the link to see the Users list, filtered on users without MFA.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you think about using a link for View users without MFA* that redirects to the list of users without MFA configured?

The link is the following one for US1: https://app.datadoghq.com/organization-settings/users?filter%5Ballowed_login_methods%5D=standard&filter%5Bmfa_enabled%5D=false&filter%5Bstatus%5D=Active

@github-actions github-actions bot added the Images Images are added/removed with this PR label Dec 14, 2024
@urseberry urseberry removed the under_review Sent to someone outside of the docs team for review. label Dec 14, 2024
@drichards-87
Copy link
Contributor

/merge

@dd-devflow
Copy link

dd-devflow bot commented Dec 16, 2024

Devflow running: /merge

View all feedbacks in Devflow UI.


2024-12-16 18:26:28 UTC ℹ️ MergeQueue: pull request added to the queue

The median merge time in master is 7m.


2024-12-16 18:35:17 UTC ℹ️ MergeQueue: This merge request was merged

@dd-mergequeue dd-mergequeue bot merged commit de11a8f into master Dec 16, 2024
21 of 25 checks passed
@dd-mergequeue dd-mergequeue bot deleted the uchen/org-mfa branch December 16, 2024 18:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Images Images are added/removed with this PR mergequeue-status: done
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants