topic Re: MFA SSO - Finally? in Open Q&A

MFA SSO - Finally?

rgarzon1 — Wed, 15 Oct 2025 12:47:05 GMT

After almost 7 years, we’ve always been asking for MFA support on accounts — and today, I finally found it by accident.

Maybe I just missed the update back when the documentation came out in May 2025, but considering how many clients have been asking for this,

with several ADs configured in the past three months… using EntraID, multiple Managed environments, and even some GCP Workspaces

I have to say, I’m really happy to see it available now!

Enhance your environment security with MFA enforcement — Dynatrace Docs
Honestly, I still don’t understand how I missed it for five months. I’ve searched for it several times before and never found it, even when I was actively using AD just to enable MFA.

Just one question — will the OTP be the only option, or is there a plan to support others like Google Authenticator or similar tools?

Re: MFA SSO - Finally?

AntonioSousa — Tue, 14 Oct 2025 22:39:11 GMT

@rgarzon1 ,

Yes, it's been around for some time. There are also some more treats around security...

Re: MFA SSO - Finally?

florian_AIgner — Mon, 22 Dec 2025 14:00:17 GMT

Hello @rgarzon1 ,

Yes, we recently introduced full-fledged MFA capabilities to strengthen both user account protection and tenant security.

Our MFA implementation is based on the TOTP standard, so any authenticator app should work . Additionally, OTP via email is available as a step-up authentication method for users who are not enrolled in TOTP MFA when accessing MFA-protected tenants.

Here’s how it works:

Local users can enroll in MFA at login using TOTP.
Admins can define tenants with elevated security requirements, where a second factor is mandatory for access.
Users not enrolled in TOTP MFA can still access MFA-protected tenants by entering an OTP sent via email(step-up authentication).

Let me know if you have any further questions!