Guardian Multifactor Authentication


As discussed in the Guardians article, Clearlogin has a new Multifactor Authentication (MFA) method called Guardian.

Guardian MFA is designed to only allow a user to log in after that user's Guardian logs in for them.

To get started with Guardian MFA, please first follow the instructions in the Guardians article.

To begin we first need to enable Guardian MFA:

  1. Log into your Clearlogin Admin Dashboard and then from the navigation bar, select Security and click on Multi-Factor Auth.

  2. You will be brought to the MFA Providers page.  Click the button that says New MFA Provider.

  3. Select Guardian from the Add a New MFA Provider screen.

  4. You will be brought to the New - Guardian screen.

    Click on the green button that says Enable Guardian.

  5. If all goes well, you will be brought to a page with a message that states MFA Provider created successfully.

  6. We're not done yet though, now we need to enable Guardian MFA within our Access Rules.  For this example, I have made Teachers the guardians of Students.

    For information on how to do this, please refer to the Guardians article.

    Navigate to your Access Rules by clicking on Security and then selecting Access Rules from the navigation bar.

  7. In this case, since Teachers are the Guardians of Students, I'm going to edit the Students Access Rule by clicking on the blue Edit button next to the Students Access Rule.

  8. You will be brought to the Editing Access Rule page.

    Under What you will see the Multifactor Authentication dropdown menu.  Select Guardian from this menu.

    Once you're done, scroll down to the bottom of the page and click on the green button that says Save Access Rule.

    The page will refresh and you will be presented with a message at the top of the page stating that your settings have been saved.

  9. The only thing left to do now is test our changes!

    To start, navigate to your Clearlogin domain:

  10. Next, attempt to log in as a user that the Guardian MFA Access Rule applies to.

  11. As long as the user's credentials were entered correctly, you will be presented with the below login prompt.  This is where the Guardian of the user attempting to log in has to log in.

  12. If all went well, the user will be presented with their Clearlogin Dashboard.

    Congratulations!  You have successfully configured Guardian MFA!
Have more questions? Submit a request


Powered by Zendesk