Skip to end of metadata
Go to start of metadata


REFEDS MFA Profile v1.1 available for Public Feedback

(Posted: September 13, 2022)

A draft version of the REFEDS MFA Profile v1.1 is now available for public feedback. This update continues our effort to make the REFEDS MFA Profile clearer and easier to adopt. With V1.1, we focused on clarifying key implementation details and making the Profile usable with multiple messaging protocols (SAML and OIDC), while staying true to the intent of the original Profile.

Visit the Community Chat / Feedback page to learn more. Then join on October 6 for the REFEDS Community Chat.

Work Artifacts

Take one (May 2021 - Oct 2021)


MFA Scenarios:

Work-in-progress FAQ:

Published FAQ (delivery to the REFEDS Assurance Working Group): MFA Profile FAQ

Take two (Oct 2021 - Mar 2022)

MFA Subgroup Charter Take Two:

MFA Profile Priorities discussion materials:

MFA Profile Priorities (delivery to the REFEDS Assurance Working Group):

Take three (Mar 2022 - current)

Working document for MFA Profile Priorities:

READ FIRST: Editors' Notes for REFEDS MFA Profile V1.1:

(draft) REFEDS Multi-Factor Authentication Profile V1.1:

Existing Related Documentation

REFEDS MFA documentation

The REFEDS MFA Profile:

Final Products of the MFA Interoperability Profile Working Group:

Software Documentation


IdP How-To

SP How-To


Meeting notes:

Weekly meetings every    Tuesdays, 5:30 – 6:30 pm CEST, Zoom details:

Berlin, Germany               Tue, at 5:30 pm CEST

Athens, Greece                Tue, at 6:30 pm EET

New York, USA                 Tue, at 11:30 am EST

Los Angeles, USA             Tue, at 08:30 am PST

Corresponding UTC          Tue, at 4:30 pm UTC


Slack channel: #assurance-mfa-subgroup at

E-mail list:

About the MFA Subgroup

The MFA Subgroup is tasked by the REFEDS Assurance Working Group to update the REFEDS MFA Profile to make it easier to understand, interpret, and apply, so that: 

  • an federation SP operators can map it to their strong authentication requirements and trust that a federated IdP has performed MFA adequately.
  • an IdP operators has sufficient deployment guidance to make better decisions and test for success.
  • software implementers can better understand why, when, and how to support MFA signaling using the REFEDS MFA Profile in their products.
  • No labels