Beginning February 1st, 2022, Salesforce requires customers to enable Multi-Factor Authentication (MFA) for all internal users to log in to Salesforce products (including partner solutions) through the user interface. What to expect from Conga Composer solutions built on the Salesforce platform is outlined below.

What is MFA and why is Salesforce requiring it?

MFA is a secure authentication method that requires you to prove your identity by providing two or more pieces of evidence (or “factors”) when you log in.

  • One factor is something you know, such as your username and password.
  • Other factors are verification methods that you may have, such as an authenticator app or a security key. By tying user access to multiple types of factors, MFA makes it much harder for common threats like phishing attacks and account takeovers to succeed.

What about SSO?

Like internal users, SSO users require to use MFA when accessing the internal Salesforce applications. You can use the MFA service of your SSO provider or the MFA functionality provided in Salesforce instead. If SSO is used to access Conga Composer, MFA is not be required.

What actions can I take now to ensure that we are ready?

To prepare for this rollout, you can enable MFA for your user base by assigning the Multi-Factor Authentication for User Interface Login permission to them. Those users will be prompted to set up MFA upon the next immediate login.

Conga Trigger Solutions and gathering data through Reports do not work when Salesforce Session Security MFA is enabled.

Conga recommends setting MFA through Salesforce permissions.

For additional information, see:

https://help.salesforce.com/s/articleView?id=000356005&type=1

https://help.salesforce.com/s/articleView?id=000352937&type=1