Is the Profile suitable for local enterprise use?

No. See Section 1 of the Profile, under “Relationship to institution-specific MFA signalling needs”. In general the Profile is not suited for use locally for the reasons noted there. Defining a local signal for one’s own policies around MFA is a better approach.

How should "Exceptions" to MFA Policy be handled?

Exceptions are not allowed by the REFEDS MFA Profile.

  • No labels