• Published on: 02 June 2023
  • Last edited on: 24 January 2025

Manage Multi-Factor Authentication

Enable multi-factor authentication for additional security.

Tip

Upgrade to Premium Support! Our team of dedicated experts is ready to provide you with priority assistance, personalized solutions, and rapid issue response.

Multi-factor authentication (MFA) is security option to protect accounts. It requires the user to provide two or more verification factors to gain access to the Coupa Supplier Portal (CSP) and is the recommended option to log in for security reasons.

Your customers require you to use MFA to access their data in the CSP. To enable any MFA method, follow the steps below: 

  1. Go to the Account Settings page. 
    You can reach this page by selecting your profile name on the top-right corner of the window, and selecting the Account Settings option. 
  2. Select the Security & Multi Factor Authentication tab on the left navigation bar.
  3. Choose the types of changes that require MFA from the following options:
    1. For Payment Changes (Required for Changing Legal Entity or Remit-To):
      MFA is required when creating or editing legal entities, remit-to, and bank account information.
    2. For Both Account Access (Login) and Payment Changes:
      MFA is required when logging in to the CSP. You don't have to reauthenticate when working with financial data because you already authenticated when logging in.
  4. Select the MFA option depending on how you want to receive the verification codes: 
    1. Using an Authenticator App to use an authenticator app available from the app store on your mobile phone.
      This is the recommended option. 
    2. Using a Text Message to use a code sent by text message to your phone number.

When you enable MFA, you get an email notification of the change. Set your preferred default method by selecting the radio button under their descriptions. 

If you are an admin, you can disable MFA for your users for 24 hours with the Disable MFA button from the Setup > Admin > Users page, temporarily allowing them to log in and reconfigure their MFA settings if they lose access. Your users get an email with the following subject: "CSP Multi-Factor Authentication Reset Initiated for Your Account”.

Enable MFA via authenticator app

Enabling MFA via an authenticator app is the recommended option. The first time you visit the Security & Multi Factor Authentication page, the system displays a window with instructions to configure this option. Follow the instructions on the window to configure MFA using an authenticator app: 

  1. Visit the the Google Play store or the Apple app store
  2. Search for an authenticator app.
    The recommended option is to use Google Authenticator, which is available for iOS and Android devices. See Install Google Authenticator for help with installing the app on your mobile device. 
  3. Download and install your preferred authenticator app.
  4. Open the app on your mobile device.
  5. Go to the Account Settings page. 
  6. Select the Security & Multi Factor Authentication tab on the left navigation bar.
  7. Scan the QR code shown in the modal with the authenticator app or copy the security key to use it as the CSP authentication code.
    For most apps, select "Add" or "+" to scan the QR code.
  8. Enter the 6-digit verification code from your device in the input field on the modal. 
  9. Select the Enable button at the bottom right of the modal. 

Print your backup codes or email them to yourself before you click OK. If you ever lose your device, you need these to regain access to your CSP account.

Note

You can only use a recovery code once, so refresh your list if you have to use a recovery code.
Go to Account Settings > Security & Multi Factor Authentication and click Regenerate Recovery Codes to get a new list of codes.

Enable MFA via text message

Note

If you want to receive text message (SMS) notifications or verification codes, you must enter and validate your phone number under My Account > Notification Preferences.

To enable MFA via text message, follow the next steps:

  1. Go to the Account Settings page. 
    You can reach this page by selecting your profile name on the top-right corner of the window, and selecting the Account Settings option. 
  2. Select the Security & Multi Factor Authentication tab on the left navigation bar.
  3. Click the blue circle next to the Via Text Message option:
    Follow the instructions that appear on the next screen. 
  4. Input the phone number where you want to receive the SMS text. 
    A code is sent to your phone as an SMS text message (SMS rates may apply).
  5. Confirm the Recaptcha shown in the modal and select the Send Code button. 
  6. Enter the 6-digit verification code sent to your phone in the field next to the third steps shown on screen. 
  7. Select the Enable button at the bottom right of the modal. 

After successful validation, you receive the verification code in a text message.

Track recent login activity 

At the bottom of the Security & Multi Factor Authentication page, you can also track your login activity.

Your logins are listed in reverse chronological order under the Recent Login Activity section with the following information: date (and time); browser; device; IP address; and, if MFA is enabled, also the authentication type (authenticator app or text message).

By default, the three most recent logins are visible. Use the ...View More link to see up to 20 logins.

Sign in to the Coupa Supplier Portal using MFA

Note

The code that Google Authenticator provides is good only for 60 seconds. If you don't type that code on the CSP sign-in page and click Log In within 60 seconds, you have to get a new code and try again.

Note

If your supplier is locked out and they don't have their six-digit backup validation code, contact Coupa Support to provide the supplier's declaration form and either their email used to log in to the CSP or a copy of their photo ID or passport to verify their identity.

To sign in to the CSP using MFA, follow these steps: 

  1. Go to https://supplier.coupahost.com and provide your credentials as usual.
    The Multi-Factor Authentication window opens.

  2. Depending on your setting:

    1. Open the authenticator app on your device and choose your CSP account. Get the number that's shown.

    2. Open the newly received SMS text message that contains the verification code.

  3. Type the authentication code in the appropriate field.

  4. Click Log In.

Remembering browsers for MFA

When you log in as a CSP user, you can select the Remember this browser checkbox on the Multi-Factor Authentication page to bypass multi-factor authentication (MFA) on your account for 30 days. You still need to use MFA for any payment method or legal entity changes.

Disable MFA for users

As an Admin, you can disable MFA for your users for 24 hours with the Disable MFA button from the Setup > Admin > Users page, temporarily allowing them to log in and reconfigure their MFA settings if they lose access.
Your users get an email with the following subject:
"CSP Multi-Factor Authentication Reset Initiated for Your Account".