Product documentation Docs
    • English
    • Deutsch
    • 日本語
    • 한국어
    • Français
  • More Sites
    • Now Community
    • Developer Site
    • Knowledge Base
    • Product Information
    • ServiceNow.com
    • Training
    • Customer Success Center
    • ServiceNow Support Videos
  • Log in

Product documentation

  • Home
How search works:
  • Punctuation and capital letters are ignored
  • Special characters like underscores (_) are removed
  • Known synonyms are applied
  • The most relevant topics (based on weighting and matching to search terms) are listed first in search results
Topics are ranked in search results by how closely they match your search terms
  • A match on the entire phrase you typed
  • A match on part of the phrase you typed
  • A match on ALL of the terms in the phrase you typed
  • A match on ANY of the terms in the phrase you typed

Note: Matches in titles are always highly ranked.

  • Release version
    Table of Contents
    • Customer Service Management
Table of Contents
Choose your release version
    Home New York Customer Service Management Customer Service Management Customer Service Management Configure Customer Service Management Multi-factor authentication for Customer and Consumer Service Portals

    Multi-factor authentication for Customer and Consumer Service Portals

    • Save as PDF Selected topic Topic & subtopics All topics in contents
    • Unsubscribe Log in to subscribe to topics and get notified when content changes.
    • Share this page

    Multi-factor authentication for Customer and Consumer Service Portals

    Multi-factor authentication, also known as two-step verification, is a security requirement that asserts a user enter more than one set of credentials.

    Enable multi-factor authentication for Customer and Consumer Service Portal users so that access to the self-service web portals is more secure from potential vulnerabilities. For more information, see Multifactor authentication (MFA).

    Multi-factor authentication properties

    Use properties to enable role-based multi-factor authentication criteria and configure the behavior.
    Property Description
    Enable Multi-factor authentication

    [glide.authenticate.multifactor]

    Select this check box to allow users and administrators to use this feature.
    • Type: enabled | disabled
    • Default value: enabled
    • Location: Multi-factor Authentication > Properties
    Number of times a user can bypass setting up multi-factor authentication

    [glide.authenticate.multifactor.setup.bypass.count]

    Enter a number that represents how many times a user can choose to skip the additional passcode requirement. This gives your users the ability to still log in the instance if they do not have their mobile device with them. If you disable this feature and then re-enable it, the counter starts over again.
    • Type: string
    • Default value: 3
    • Location: Multi-factor Authentication > Properties
    The time in minutes, the one time code sent to user's email address is valid for

    [glide.multifactor.onetime.code.validity]

    Enter a number in minutes that specifies how long the reset code is valid. See Log on with multi-factor authentication.
    • Type: string
    • Default value: 10
    • Location: Multi-factor Authentication > Properties
    Additional time in seconds for which the code will be valid to accommodate for the clock skew. Max value is 60 seconds.

    [glide.authenticate.multifactor.clock_skew]

    Enter a number in seconds with a maximum of 60.

    By default, the instance validates the code entered by the user against the single app-generated code generated at whatever the current time is. You can skew the time window with this property and allow one or more codes generated during a time window to be considered valid.

    The property's value is used in the following calculation: current time - x/2 and current time + x/2, where 'x' is the value of this property. If you use the value of 10, for example, the instance considers any codes generated by the app between the time range [the current time - 5 seconds] and [current time + 5 seconds] to be valid.

    Use this property to prevent log in issues where the user is unable to enter the correct code in the default time allotted.

    Configure roles for multi-factor authentication

    Add the following external roles to the multi-factor roles:
    • sn_customerservice.customer
    • sn_customerservice.consumer
    Users with these roles will be required to use multi-factor authentication. For more information, see Require MFA for a role.

    Tags:

    Feedback
    On this page

    Previous topic

    Next topic

    • Contact Us
    • Careers
    • Terms of Use
    • Privacy Statement
    • Sitemap
    • © ServiceNow. All rights reserved.

    Release version
    Choose your release version

      Multi-factor authentication for Customer and Consumer Service Portals

      • Save as PDF Selected topic Topic & subtopics All topics in contents
      • Unsubscribe Log in to subscribe to topics and get notified when content changes.
      • Share this page

      Multi-factor authentication for Customer and Consumer Service Portals

      Multi-factor authentication, also known as two-step verification, is a security requirement that asserts a user enter more than one set of credentials.

      Enable multi-factor authentication for Customer and Consumer Service Portal users so that access to the self-service web portals is more secure from potential vulnerabilities. For more information, see Multifactor authentication (MFA).

      Multi-factor authentication properties

      Use properties to enable role-based multi-factor authentication criteria and configure the behavior.
      Property Description
      Enable Multi-factor authentication

      [glide.authenticate.multifactor]

      Select this check box to allow users and administrators to use this feature.
      • Type: enabled | disabled
      • Default value: enabled
      • Location: Multi-factor Authentication > Properties
      Number of times a user can bypass setting up multi-factor authentication

      [glide.authenticate.multifactor.setup.bypass.count]

      Enter a number that represents how many times a user can choose to skip the additional passcode requirement. This gives your users the ability to still log in the instance if they do not have their mobile device with them. If you disable this feature and then re-enable it, the counter starts over again.
      • Type: string
      • Default value: 3
      • Location: Multi-factor Authentication > Properties
      The time in minutes, the one time code sent to user's email address is valid for

      [glide.multifactor.onetime.code.validity]

      Enter a number in minutes that specifies how long the reset code is valid. See Log on with multi-factor authentication.
      • Type: string
      • Default value: 10
      • Location: Multi-factor Authentication > Properties
      Additional time in seconds for which the code will be valid to accommodate for the clock skew. Max value is 60 seconds.

      [glide.authenticate.multifactor.clock_skew]

      Enter a number in seconds with a maximum of 60.

      By default, the instance validates the code entered by the user against the single app-generated code generated at whatever the current time is. You can skew the time window with this property and allow one or more codes generated during a time window to be considered valid.

      The property's value is used in the following calculation: current time - x/2 and current time + x/2, where 'x' is the value of this property. If you use the value of 10, for example, the instance considers any codes generated by the app between the time range [the current time - 5 seconds] and [current time + 5 seconds] to be valid.

      Use this property to prevent log in issues where the user is unable to enter the correct code in the default time allotted.

      Configure roles for multi-factor authentication

      Add the following external roles to the multi-factor roles:
      • sn_customerservice.customer
      • sn_customerservice.consumer
      Users with these roles will be required to use multi-factor authentication. For more information, see Require MFA for a role.

      Tags:

      Feedback

          Share this page

          Got it! Feel free to add a comment
          To share your product suggestions, visit the Idea Portal.
          Please let us know how to improve this content

          Check any that apply

          To share your product suggestions, visit the Idea Portal.
          Confirm

          We were unable to find "Coaching" in Jakarta. Would you like to search instead?

          No Yes
          • Contact Us
          • Careers
          • Terms of Use
          • Privacy Statement
          • Sitemap
          • © ServiceNow. All rights reserved.

          Subscribe Subscribed Unsubscribe Last updated: Tags: January February March April May June July August September October November December No Results Found Versions Search preferences successfully updated My release version successfully updated My release version successfully deleted An error has occurred. Please try again later. You have been unsubscribed from all topics. You are now subscribed to and will receive notifications if any changes are made to this page. You have been unsubscribed from this content Thank you for your feedback. Form temporarily unavailable. Please try again or contact  docfeedback@servicenow.com  to submit your comments. The topic you requested does not exist in the release. You were redirected to a related topic instead. The available release versions for this topic are listed There is no specific version for this documentation. Explore products Click to go to the page. Release notes and upgrades Click to open the dropdown menu. Delete Remove No selected version Reset This field is required You are already subscribed to this topic Attach screenshot The file you uploaded exceeds the allowed file size of 20MB. Please try again with a smaller file. Please complete the reCAPTCHA step to attach a screenshot
          Log in to personalize your search results and subscribe to topics
          No, thanks Login