Skip to main content

Authentication concepts

SecureAuth Connect uses three complementary approaches to verify user identity. Understanding how they work together helps you configure the right level of security for each use case.

  • Multi-factor authentication (MFA) – Requires users to verify their identity using at least two independent factors. Configure which methods are available as first-factor and second-factor authentication.

  • Adaptive authentication – Adjusts security requirements based on real-time risk. The Risk Engine evaluates device, location, and behavior signals and only triggers MFA when risk is elevated.

  • Step-up authentication – Requires an already signed-in user to complete additional verification before performing a sensitive action. Driven by the application, not the platform.

Key distinction

  • Adaptive authentication is risk-driven and automatic – SecureAuth Connect decides when to challenge.
  • Step-up authentication is application-driven and explicit – the application requests a specific assurance level for a specific operation.