How to enable the email option in MFA in Oracle Cloud

1️⃣ Go to your Identity Domain

Go to Menu ☰ > Identity & Security > Domains > Default (or your preferred domain).

2️⃣ Enable Email Factor

From the Domain details page, go to the Authentication tab and enable the Email factor

3️⃣ Open Edit sign-on rule

From the Domain details page, go to the Domain policies tab and click on Default Sign-On Policy (Be sure to also check on other functioning policies that regulate sign-in like Security Policy for OCI Console).

Within the Default Sign-On Policy page, click on the Sign-on rules tab and expand on the Edit ⋯ button for the Default Sign-on Rule. Click on Edit sign-on rule.

Note: Within my tenancy, I have a superseding sign-on policy in which case I would have to modify the right policy for my requirements

4️⃣ Enable Email MFA Prompt in Sign-on Policy

Under Actions, either ask it to prompt for Any factor or allow for Email to be one of the specified factors for MFA.

Be careful about making changes here as you may be locked out. You can always create a new Identity Domain to test.

5️⃣ Test

Log out and log back into your cloud tenancy. After entering your username and password, you will be redirected to the MFA page. Expand the list of all additional MFA options to ensure Email is one of those options.

Safe harbor statement

The information provided on this channel/article/story is solely intended for informational purposes and cannot be used as a part of any contractual agreement. The content does not guarantee the delivery of any material, code, or functionality, and should not be the sole basis for making purchasing decisions. The postings on this site are my own and do not necessarily reflect the views or work of Oracle or Mythics, LLC.

This work is licensed under a Creative Commons Attribution 4.0 International License.