Ready to help

How do I create an exception for MFA findings?

You can configure exceptions for apps that should not raise an MFA not registered finding in the Push platform.

This is useful if you use a third-party MFA provider and Push is raising MFA findings on accounts because you do not enforce MFA via the app itself.

To create an exception, go to Settings > MFA findings in the Push admin console. Select the cog for the MFA not registered finding type and then select apps that should not raise a missing MFA finding.

MFA exception finding config - KB 10140

Note that once you add an app to the exception list, the MFA status on all accounts associated with that app will become MFA status not observed.

Push will automatically resolve older MFA not registered findings for apps added to the exception list. This may take a few hours if there are a large number of records.

Note that creating exceptions for MFA findings does not impact other controls you’ve configured, such as MFA enforcement.