VIP Administrators bypass 2FA through the VIP EG Manager IdP or single sign-on

Article ID: 171284

Products

VIP Service

Issue/Introduction

Certain VIP administrators are able to log in to the VIP Manager via the Manager IdP or other single sign-on without being prompted to register a credential or enter a security code.

Cause

By design, certain VIP administrator permissions do not require 2FA under these two conditions:

  1. The admin user is logging in through the VIP EG Manager IdP or a 3rd-party SSO.
  2. VIP Manager 'Single Sign-On settings' are set to enforce 2FA only for admin users with sensitive permissions.

The following are considered non-sensitive permissions:

  • Audit Reports
  • Credential Reports
  • Customer Credential (View Only)
  • Customer Credential (View and Modify)
  • End User Management (View Only)
  • End User Management (View and Modify)

Resolution

Adding any sensitive permission to the administrator (or administrator group) will require 2FA. Changing the SSO settings in VIP or logging in directly to the VIP Manager will also prompt the admin user for a security code.
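
The rule above can be applied to a list of administrators to find accounts that would sign in through SSO without a security code. The following audit sketch is an added example, not vendor code and not part of the original article. The record layout, the admin and group names, and the placeholder EXAMPLE_SENSITIVE_PERMISSION are constructed, and treating every permission that is not on the non-sensitive list as sensitive is an assumption.

```python
# Non-sensitive permissions exactly as listed in the article.
NON_SENSITIVE = frozenset({
    "Audit Reports",
    "Credential Reports",
    "Customer Credential (View Only)",
    "Customer Credential (View and Modify)",
    "End User Management (View Only)",
    "End User Management (View and Modify)",
})

# Constructed sample data (hypothetical layout, not a VIP Manager export format).
GROUPS = {
    "helpdesk": ["End User Management (View and Modify)"],
    "ops": ["EXAMPLE_SENSITIVE_PERMISSION"],  # placeholder, not a real permission name
}
ADMINS = [
    {"name": "alice", "permissions": ["Audit Reports"], "groups": ["helpdesk"]},
    {"name": "bob", "permissions": ["Credential Reports"], "groups": ["ops"]},
    {"name": "carol", "permissions": ["Audit Reports", "EXAMPLE_SENSITIVE_PERMISSION"], "groups": []},
]

def effective_permissions(admin, groups):
    """Union of the admin's direct permissions and those of each group they belong to."""
    perms = set(admin.get("permissions", []))
    for name in admin.get("groups", []):
        perms |= set(groups.get(name, []))
    return perms

def requires_2fa(admin, groups, via_sso, sensitive_only):
    """via_sso: login through the VIP EG Manager IdP or a 3rd-party SSO.
    sensitive_only: SSO settings enforce 2FA only for admins with sensitive permissions."""
    if not (via_sso and sensitive_only):
        return True  # direct login, or the SSO setting was changed: code is prompted
    # Assumption: anything outside the non-sensitive list counts as sensitive.
    return bool(effective_permissions(admin, groups) - NON_SENSITIVE)

def admins_skipping_2fa(admins, groups, sensitive_only=True):
    """Names of admins who would not be prompted for a security code over SSO."""
    return sorted(a["name"] for a in admins
                  if not requires_2fa(a, groups, True, sensitive_only))

if __name__ == "__main__":
    print(admins_skipping_2fa(ADMINS, GROUPS))
```

In the sample data, bob is covered only because of his group membership, which is why the check is made on effective permissions rather than on the permissions assigned directly to the account.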