If you want credentials + MFA every time, you’ll need a conditional access policy on the enterprise app used for GP with a sign-in frequency set to something low like 1 hr (lowest value I believe). With Azure and no conditional access policy, I believe the defaults token is around 90 days + for credentials with MFA kicking in based on the global MFA setting in Azure (if at all set). PANW - Press Releases & Public StatementsĪssuming it’s not the GP Authentication cookie on the Portal/Gateway coming into play here like others have said, which comes before/overrides any external auth, it will most likely be the Azure tokens being stored on the user endpoint (via the embedded or default browser) if they’ve selected ‘keep me signed in’ and/or ‘remember MFA’. We are not officially supported by Palo Alto networks, or any of it's employees, however all are welcome to join and help each other on a journey to a more secure tomorrow.ĭo you have support related questions? Check the Support Site Company Information This subredditt is for those that administer, support, or want to learn more about Palo Alto Networks firewalls.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |