Enforce two-factor authentication (2FA)
Two-factor authentication can be enforced for the whole organization to ensure that all users who access the organization have two-factor authentication enabled.
Before enforcing two-factor authentication
Before you enforce two-factor authentication (2FA) for your organization, consider that users without 2FA enabled will immediately lose access to the organization and subsequent pipelines.
Users can set up 2FA by following the 2FA tutorial.
Steps to enforce two-factor authentication
To enforce 2FA:
- Ensure you are logged in as an Administrator.
- Visit your organization's Settings > Security page.
- Check Enforce two-factor authentication.
- Select Update Access Control.
Programmatically enforcing two-factor authentication
Please review the GraphQL cookbook for instructions on how to enable enforced 2FA via the GraphQL API.
API access tokens
Enforcing 2FA does not invalidate existing API access tokens. Existing tokens will continue to work, but users must enable 2FA before they can update existing tokens or create new ones.