cancel
Showing results for 
Search instead for 
Did you mean: 
csubirats
Occasional Member - Level 2

SSO Question

Hi, We are in the process of moving to SSO and my Security Team wants to know if its possible to enable SSO but use Concur 2FA??  Does this question make sense, sorry I'm not a tech person. Any feed back helps....I think we've hit a hurdle due to many personal email addresses in lieu of business emails.

2 Solutions
Solution
andilillemoen23
SAP Concur Employee
SAP Concur Employee

Good Afternoon,

 

2FA is going to be active for all users who do not use MFA.   When you go to single sign on, you will not be using 2FA for logging in from your Intranet site.  However, if they are also going to be able to log in via their mobile phone, they would have to use 2FA.     Basically, SSO bypasses the 2FA in the site.

 

Regards,


Andi

SAP Consultant

View solution in original post

Solution
DeanR
Frequent Member - Level 1

@andilillemoen23 

SSO should work the same for the Concur website and the app.  I know that it does for our users.

 

@csubirats 

You can enable SSO but not make it mandatory, leaving the option for users to log in with username and password that will then force them to use the Concur 2FA process.   

View solution in original post

2 REPLIES 2
Solution
andilillemoen23
SAP Concur Employee
SAP Concur Employee

Good Afternoon,

 

2FA is going to be active for all users who do not use MFA.   When you go to single sign on, you will not be using 2FA for logging in from your Intranet site.  However, if they are also going to be able to log in via their mobile phone, they would have to use 2FA.     Basically, SSO bypasses the 2FA in the site.

 

Regards,


Andi

SAP Consultant

Solution
DeanR
Frequent Member - Level 1

@andilillemoen23 

SSO should work the same for the Concur website and the app.  I know that it does for our users.

 

@csubirats 

You can enable SSO but not make it mandatory, leaving the option for users to log in with username and password that will then force them to use the Concur 2FA process.