Default MFA Security for Identity Domains My Profile and My Apps Pages

MFA enrollment and authentication is enabled by default for My Profile and My Apps access for all users.

Default MFA security means that:

The following phishing resistant MFA factors are enabled in the identity domain MFA settings:
- Mobile app push notification
- Mobile app passcode
- Fast ID Online (FIDO)
  
  Important: At least one of these phishing resistant factors must be enabled.
Users accessing My Profile and My Apps pages will be challenged for MFA, even if they've already authenticated with MFA during their current session.
Any users who aren't enrolled in MFA, will be forced to enroll.

My Profile and My Apps example URL:

<domain_URL>/ui/v1/myconsole

Disabling Default MFA Access

We don't recommend that you disable the default MFA security feature. If you want to disable this feature, then Oracle support must disable it for you. See Getting Help and Contacting Support to contact Oracle support.

Oracle Cloud Infrastructure Documentation

Default MFA Security for Identity Domains My Profile and My Apps Pages

Disabling Default MFA Access