I’m trying to understand the feature difference between Community and Enterprise, as shown here:
It looks like Community supports “Multi-factor authentication (auth)” but not “Multi-factor authentication (path)”.
I always thought MFA was just MFA. Whats the difference between these two types of MFA?
Also, if we connect via LDAP, can’t we get MFA through our LDAP server instead?
In community, MFA is only required on login. In Enterprise, you can require MFA for a specific path like reading a secret AFTER login.
Login MFA: Log in, enter MFA, do all the things in your policy.
Step-up MFA (enterprise): Log in, enter MFA (I’d still do login MFA also, but thats me), do all the things in your policy UNLESS you configure MFA for a specific path - then you need a new code (for a 2nd time, not just at login). See this for an example of configuring MFA on a path:
Hope that helps