2FA

Stores > Settings > ConfigurationSecurity > 2FA

Stores that have enabled Adobe Identity Management Services (IMS) authentication have native Adobe Commerce and Magento Open Source 2FA disabled. Admin users who are logged into their Commerce instance with their Adobe credentials do not need to re-authenticate for many Admin tasks. Authentication is handled by Adobe IMS when the Admin user logs into their current session. See Integrating Adobe Commerce with Adobe IMS overview.

General

General

Field Scope Description
Providers to use Global Indicates the two-factor authentication method(s) that you require. If you select more than one provider, each user will be required to configure each 2fa method the next time they log in. To learn more, go to Two-Factor Authentication.
Configuration Email URL for Web API Global For custom implementations, the URL for an alternate email configuration link that is sent to Admin users at first login. In the email template, use the placeholder :tfat to indicate where the token is injected.

Google

Google

Field Scope Description
OTP Window Global The lifetime in seconds of each one-time password (OTP) generated by Google Authenticator. Default: 30

Duo Security

Duo Security

Field Scope Description
Integration Key Global The integration key from your Duo Security account.
Secret Key Global The secret key from your Duo Security account.
API Hostname Global The API hostname from your Duo Security account.

Authy

Authy

Field Scope Description
API Key Global The API key from your Authy account.
OneTouch Message Global The message that appears in the Authy authenticator at login. Default: Login request to your Magento Admin

U2F Key

U2F Key

Field Scope Description
WebApi Challenge Domain Global The domain that is used to issue and process WebAuthn challenges for custom WebAPI implementations.