SAML 2.0 G Suite integration prompts for new two-factor authentication device on every sign-in
Last Updated April 26, 2019
A user sets up their SAML 2.0 integration through G Suite, and then enable it to use single sign-on. They turn on two-factor (2FA) authentication on G Suite, but on log-in the customer is prompted to enter a new cell phone or token identifier to be used for two factor authentication.
The account has Endpoint Protection Cloud's 2FA still enabled before switching identity providers.
Switch identity provider back to the default (Endpoint Protection Cloud), disable two-factor authentication and then switch back to your SAML 2.0 profile associated with G Suite.