How to setup SSO mfa device

MFA can be configured by following the steps below:

1. After you login using aws access portal URL(client_id.awsapps.com/start/#/), on the upper right corner choose on the drop down menu next to the username

   Open

   

2. Choose Register device

   Open

   

3. Choose one of the options of registering a device. Usually it’s authenticator app, or a built-in authenticator if your device supports it.

4. If you choose authenticator app(the usual choice) you will be forwarded to the following page

   Open

   

   
   Scan the QR code with your app and input the code from the application.

You will be asked for the MFA code on the next login.

Notes:

• If you don’t have an MFA device configured, and the administrator has enabled login only with MFA devices, you will be forwarded to the step 4 at the next login attempt. Register the MFA device by following the instructions.

• For a list of authenticator apps check this URL: https://docs.aws.amazon.com/singlesignon/latest/userguide/mfa-types.html#mfa-types-apps?icmpid=docs_sso_user_portal
  Some common ones are google authenticator, microsoft authenticator, 1password, etc.