Is the Profile suitable for local enterprise use?

No. See Section 1 of the Profile, under “Relationship to institution-specific MFA signalling needs”. In general the Profile is not suited for use locally for the reasons noted there. Defining a local signal for one’s own policies around MFA is a better approach.

How should "Exceptions" to MFA Policy be handled?

Exceptions are not allowed by the REFEDS MFA Profile.

Explore the MFA Profile FAQ

MFA Profile FAQ Home

Introducing the REFEDS MFA Profile

Guidance for Identity Provider/OpenID Provider Operators

Guidance for Service Provider/Relaying Party Operators

Dealing with Institution MFA Policies

Identity Provider/OpenID Provider product specific questions

Service Provider/Relying Party product specific questions

REFEDS MFA Profile


  • No labels