Skip to main content

Enforce Device Security

Enforcement adds device security to authentication by checking whether a device passes your XFA policy before access continues. Depending on your configuration, XFA can warn users, block access, or allow exceptions without managing or taking control of the device, so rollout can match your risk tolerance.

XFA supports integration with the following identity providers:

By linking your IDP to XFA, you can enforce device compliance during authentication.

Configuring Enforcement Integrations

Configure on an application

You can also configure enforcement for specific applications. XFA supports the following integrations:

Custom SAML Integrations

For applications not listed above, XFA supports custom SAML integrations. This allows you to enforce device security on any SAML-enabled application.

Google Workspace Google

Google Workspace can also be linked to XFA via a SAML integration to enforce device compliance.

🔐 Silent MFA

XFA’s Silent MFA feature provides an additional layer of security by requiring multi-factor authentication without interrupting the user experience. Silent MFA can be enabled on a per-integration or per-application basis, ensuring secure access to your systems without unnecessary friction for users.


With the Enforce Device Security feature, XFA empowers your organization to secure its critical applications and systems by ensuring only trusted and compliant devices can access them. Explore the individual application guides linked above to configure enforcement for your specific use cases.