Script/CLI Access Step-Up MFA

Hi There!

We really need to have an option to enforce an MFA option on a few script actions:

Anytime a user in Syncro attempts to gain access to the following areas, a step-up authentication should be performed.

  • Manually running a script on a device (I could see not having this in lieu of having the next option to protect script creation)
  • Creating a new script in the system
  • Modifying an existing script in the system
  • Deleting devices out of the system
  • Connecting to CLI
  • Bonus - Performing a remote session should be protected

All of these actions appear to hit a specific set of APIs on the backend. Mulesoft API gateway or ForgeRock Identity Gateway could be great ways to handle this API access for step up authentication