What should I know about enrollment and management before turning on Procore MFA?
Background
Before you enable Multi-Factor Authentication (MFA) for your Procore account, it is important to understand that this security upgrade is designed to be highly compatible with your existing tools while introducing specific enrollment rules. Whether you are a Procore Pay user or a standard commercial user, MFA provides an essential layer of protection using standard protocols (TOTP) that work seamlessly with most authenticator apps and third-party integrations.
General Compatibility
Will my installed third-party applications stop working because of Procore MFA?
No. All third-party applications continue to operate as-is without interruption.
Are there any Authenticator Apps that are not compatible with Procore MFA?
Procore MFA is built using standard Time-based One-Time Password (TOTP) protocols. Because of this, many Authenticator apps (such as Google Authenticator, Microsoft Authenticator, Okta, etc.) are fully compatible.
Enrollment & Management
What happens if I turn off Procore MFA?
-
Procore Pay Users: MFA is mandatory and cannot be deactivated.
-
Standard Users: MFA can only be deactivated by your company’s Procore Administrator.
Once active, all enrolled users must use MFA to log in. If you haven't enrolled yet, you may continue using your password until the enforcement deadline. After that date, MFA will be required for all users to ensure organization-wide security.
Is my Single-Sign-On (SSO) configuration affected by Procore MFA?
No. Procore MFA is only applicable to non-SSO users. If your organization uses a third-party Identity Provider (IdP) (e.g., Azure AD, Okta, etc.) to log into Procore, your existing login flow remains unchanged.
MFA Comparison at a Glance
|
Feature |
Non-SSO Users |
SSO Users |
|---|---|---|
|
MFA Availability |
Yes (via TOTP Apps) |
Managed by your Identity Provider (IdP) |
|
Mandatory once enrolled? |
Yes |
Depends on your company's specifc IT policy |
|
Third-party App impact |
None |
None |