If necessary, you can exempt certain users from the two-factor authentication (2FA) process. Exemptions are issued by credential, meaning you can require a user to utilize two-factor authentication with one specific credential but not another. For example, you may want your users to utilize 2FA with their physical keycards but not with their Genea mobile keys. Follow the steps below to exempt a user from the 2FA process.
1) Navigate to the profile of the user that you would like to exempt from the 2FA process. You can do so by searching for the user's name in the general search bar at the top of your dashboard, or by searching for the user under the 'Users' tab in your dashboard.
2) Under the user's 'Cards,' click on the specific key that you would like to exempt from the 2FA process.
3) To exempt the user's key from the 2FA process, check the 'PIN exempt' box.
When the box is filled, the user's key will be exempt from the 2FA process. This means that on any 2FA enabled readers, the user will not be required to use both their credential and PIN in order to gain access to the property.
When the box is not filled, the user will not be 2FA exempt. This means that on any 2FA enabled readers, the user will be required to use both their credential and PIN in order to gain access to the property.
4) Press the 'Save' button to exempt the user's key from the 2FA process.
If a user has multiple credentials and you've only granted exemptions for some but not all of their credentials, then the user will have to utilize 2FA for any nonexempt keys in their possession.
IMPORTANT NOTE: At this time by default, mobile keys will automatically be exempt from the 2FA process. If you would like your users' mobile keys to be automatically nonexempt, please contact firstname.lastname@example.org for assistance.
If you have any questions or would like to learn more about two-factor authentication exemptions, please send inquiries to email@example.com.