VIP Administrators can bypass 2FA through the VIP EG Manager IdP or single sign-on

Article ID: 171284

Products

VIP Service

Issue/Introduction

Certain VIP administrators are able to log in to the VIP Manager via the Manager IdP or another single sign-on provider without being prompted to register a credential or enter a security code.

Cause

When single sign-on is enabled, VIP administrators whose permissions are all non-sensitive are not required to complete 2FA when both of the following conditions are met:

  1. The admin user is logging in through the VIP EG Manager IdP or a third-party SSO.
  2. The VIP Manager 'Single Sign-On settings' are set to enforce 2FA only for admin users with sensitive permissions.

The following are considered non-sensitive permissions:

  • Audit Reports
  • Credential Reports
  • Customer Credential (View Only)
  • Customer Credential (View and Modify)
  • End User Management (View Only)
  • End User Management (View and Modify)

Resolution

Adding any sensitive permission to the administrator (or to the administrator group) will require 2FA. Changing the Single Sign-On settings in VIP Manager so that 2FA is enforced for all admin users, or logging in directly to the VIP Manager instead of through SSO, will also prompt the admin user for a security code.
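The following script is an added example, not part of this article or of the VIP product, that applies the two conditions from the Cause section and the remedy from the Resolution section to a list of administrator records so an operator can see which accounts would reach VIP Manager without 2FA. The six non-sensitive permission names are taken from the article; every other permission is treated as sensitive. The administrator records, the `logs_in_via_sso` flag, the `enforce_2fa_for_sensitive_only` setting and the permission named "Hypothetical Sensitive Permission" are constructed inputs for illustration; VIP Manager exposes no API used here, so the records would be filled in by hand from the console's administrator list.

```python
"""Audit which VIP administrators are exempt from 2FA under the
'enforce 2FA only for sensitive permissions' single sign-on setting.

Added example, not part of the KB article or of the VIP product.
Permission names in NON_SENSITIVE_PERMISSIONS come from the article;
all other inputs below are constructed for illustration.
"""
from dataclasses import dataclass

# Permissions the article lists as non-sensitive (verbatim from the article).
NON_SENSITIVE_PERMISSIONS = frozenset({
    "Audit Reports",
    "Credential Reports",
    "Customer Credential (View Only)",
    "Customer Credential (View and Modify)",
    "End User Management (View Only)",
    "End User Management (View and Modify)",
})


@dataclass(frozen=True)
class Admin:
    name: str
    permissions: frozenset
    # True: signs in through the VIP EG Manager IdP or a third-party SSO.
    # False: signs in directly to VIP Manager.
    logs_in_via_sso: bool


def sensitive_permissions(permissions):
    """Return the subset of permissions the article's rule treats as sensitive."""
    return frozenset(permissions) - NON_SENSITIVE_PERMISSIONS


def requires_2fa(admin, enforce_2fa_for_sensitive_only):
    """Apply the article's two conditions.

    2FA is skipped only when the admin uses the IdP/SSO path, the SSO
    setting enforces 2FA only for sensitive permissions, and the admin
    holds no sensitive permission. Any other combination prompts for a
    security code.
    """
    if not admin.logs_in_via_sso:
        return True  # direct VIP Manager login always prompts
    if not enforce_2fa_for_sensitive_only:
        return True  # setting enforces 2FA for every SSO admin
    return bool(sensitive_permissions(admin.permissions))


def admins_bypassing_2fa(admins, enforce_2fa_for_sensitive_only):
    """Sorted names of admins who can reach VIP Manager without 2FA."""
    return sorted(
        a.name for a in admins if not requires_2fa(a, enforce_2fa_for_sensitive_only)
    )


# Constructed sample data, not an export from any real tenant.
SAMPLE_ADMINS = (
    Admin("helpdesk-1",
          frozenset({"End User Management (View and Modify)", "Credential Reports"}),
          logs_in_via_sso=True),
    Admin("auditor", frozenset({"Audit Reports"}), logs_in_via_sso=True),
    # Placeholder name for any permission outside the non-sensitive list.
    Admin("sec-admin",
          frozenset({"Audit Reports", "Hypothetical Sensitive Permission"}),
          logs_in_via_sso=True),
    Admin("onprem-admin", frozenset({"Audit Reports"}), logs_in_via_sso=False),
)

if __name__ == "__main__":
    exempt = admins_bypassing_2fa(SAMPLE_ADMINS, enforce_2fa_for_sensitive_only=True)
    for name in exempt:
        print(f"{name}: SSO login without 2FA (holds only non-sensitive permissions)")
    # Resolution check: with 2FA enforced for all SSO admins, nobody is exempt.
    assert admins_bypassing_2fa(SAMPLE_ADMINS, enforce_2fa_for_sensitive_only=False) == []
```

Running it with the constructed data lists `auditor` and `helpdesk-1` as exempt: both hold only permissions from the article's non-sensitive list and sign in through SSO. The remaining two accounts are prompted, one because it holds a sensitive permission and one because it logs in directly, which mirrors the two remedies the Resolution section gives.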