MFA Requirement - Users and login types


Which Heroku users and login types are affected by the MFA requirement?


All Heroku users must use MFA for every login through the Heroku web user interface (known as Heroku Dashboard).
This includes logins that use -

  • an email and password
  • single sign-on (SSO)
  • logins originating from Heroku CLI that open a web browser

MFA isn’t required for API integrations that use an API key or a Heroku Direct Authorization.

Viewing or generating an API key or Direct Authorization does require users to log in through the web interface using MFA.

Ask on Stack Overflow

Engage with a community of passionate experts to get the answers you need

Ask on Stack Overflow

Heroku Support

Create a support ticket and our support experts will get back to you

Contact Heroku Support