I love this answer

Can we turn off two factor authentication?
- No.

And that's how it should be answered.
As IDP in a SSO context that's the only acceptable answer: NO, the SP can't and shall not be able to disable user's 2FA.

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.