MFA for Standard Authentication

By Aaron Alquillera

Learn about using MFA to access the Kandji Web App

Kandji enforces Multifactor Authentication for all users who sign into a Kandji tenant using an email and password Combination. This MFA requirement does not affect users who authenticate via Google, Office 365, or an SSO Connection.

Register an MFA Application

Learn how to register an MFA (TOTP) application to your account. Currently, you may only register one TOTP application per user account. 

  1. Navigate to your Kandji tenant, and click Log In.
  2. Login using your Email address & Password.
  3. After authenticating, you will see the following prompt to scan the registration QR code with your TOTP application. Any TOTP application will work, such as Google Authenticator. Scan the barcode and complete the setup within your TOTP application.
  4. Enter the TOTP code shown in your application.
  5. Click Continue.
  6. Copy your Recovery Code.
    After configuring your TOTP application, you will be given a recovery code to regain access to your account in the event that you lose access to it. If you lose access to your TOTP application and recovery code, please contact Kandji Support.
  7. Click the "I have safely recorded this code" checkbox.
  8. Click Continue.MFA Registration is now complete. The next time you sign into Kandji, you will see an MFA prompt similar to the following:

Manage your MFA Applications

Learn how to delete and manage your registered MFA application. 

  1. Log in to your Kandji tenant, and click your name in the lower-left corner.
  2. Click My Profile.
  3. Click the Multi-Factor Authentication tab.
  4. Click on the ellipsis to delete the MFA application. Upon your next login, you will be required to register a new one.

Learn more about using Multi-Factor Authentication for signing in with G Suite and Office 365 below: