Creating Policy with MFA Option

Application access with MFA enables you to choose users that did not already go through MFA (either using own MFA, working with your IdP or local MFA) are forced to go through MFA or not when they try to access the resources or applications in the specific policy. Before you want to continue to set those policy setting,  please check these KB down below about Admin access:


  1. login to
  2. Go to Settings tab> ZTNA
  3. In Policies, click on New Policy button
  4. Once clicked, it will expand all the option for policy that can be use for application authorization
  5. You need to input the policy name because it's mandatory and must be unique to other policy
  6. We are focusing for MFA access policy, which by default it will have enabled (green) toggle
  7. You could disabled the MFA policy by clicking it, and it will turns gray
  8. If you disabled that, it means the app you accessed never will asked any MFA anymore
  9. As for the applications, categories and configuration fill/choose with what you want to be mapped. Then click "Save"
  10. It will give you success notification, once the policy has been added