Docs

All documentation
Connectivity Cellular, LPWAN, and satellite
- Cellular
  - Cellular (Soracom Air)
  - SIM Management
- LAN & WiFi
  - Soracom Arc
- LPWAN
  - LPWAN / LoRaWAN
- Sigfox
  - Sigfox
- Satellite
  - Satellite
Hardware Devices and modules
Platform Console, configuration, account, billing
- Console & Navigation
  - Console
- Configuration
- SIM & Fleet Ops
- Account & Access
- Billing
  - Usage & Invoices
Cloud Integration Route data to cloud services
- Data Entry Point
  - Data Entry Point
- Protocol Conversion & Forwarding
  - Protocol Conversion & Forwarding
- Serverless Triggers
  - Serverless Triggers
- Direct Cloud Delivery
  - Direct Cloud Delivery
- Inline Data Transformation
  - Inline Data Transformation
- Video Streaming
  - Video Streaming
Data & Analytics Store, visualize, and query
- Data Collection & Storage
  - Soracom Harvest
- Dashboards & Alerts
  - Dashboards & Alerts
- Data Analytics
  - Data Analytics
- IoT Automation
  - IoT Automation
Network & Security Private networking and VPN
- VPG Sub-features
- Credential Provisioning
  - Credential Provisioning
- SIM Authentication
  - SIM Authentication
Device Management Firmware, provisioning, inventory
- Fleet Management
  - Fleet Management
- Device Commands
  - Device Commands
- Remote Access
  - Remote Access

Documentation navigation

Docs

All documentation
Connectivity Cellular, LPWAN, and satellite
- Cellular
  - Cellular (Soracom Air)
  - SIM Management
- LAN & WiFi
  - Soracom Arc
- LPWAN
  - LPWAN / LoRaWAN
- Sigfox
  - Sigfox
- Satellite
  - Satellite
Hardware Devices and modules
Platform Console, configuration, account, billing
- Console & Navigation
  - Console
- Configuration
- SIM & Fleet Ops
- Account & Access
- Billing
  - Usage & Invoices
Cloud Integration Route data to cloud services
- Data Entry Point
  - Data Entry Point
- Protocol Conversion & Forwarding
  - Protocol Conversion & Forwarding
- Serverless Triggers
  - Serverless Triggers
- Direct Cloud Delivery
  - Direct Cloud Delivery
- Inline Data Transformation
  - Inline Data Transformation
- Video Streaming
  - Video Streaming
Data & Analytics Store, visualize, and query
- Data Collection & Storage
  - Soracom Harvest
- Dashboards & Alerts
  - Dashboards & Alerts
- Data Analytics
  - Data Analytics
- IoT Automation
  - IoT Automation
Network & Security Private networking and VPN
- VPG Sub-features
- Credential Provisioning
  - Credential Provisioning
- SIM Authentication
  - SIM Authentication
Device Management Firmware, provisioning, inventory
- Fleet Management
  - Fleet Management
- Device Commands
  - Device Commands
- Remote Access
  - Remote Access

MFA & Security

Soracom supports multi-factor authentication (MFA) for operator and SAM user accounts. Enabling MFA adds a second authentication factor — such as a TOTP code from an authenticator app — to protect against unauthorized access even if passwords are compromised.

What it does

TOTP-based MFA: Use any standard authenticator app (Google Authenticator, Authy, 1Password) for second-factor codes
Per-user enforcement: Enable MFA individually on operator accounts and SAM users
Recovery codes: Generate backup codes for account recovery if the authenticator device is lost
Session management: Control session duration and idle timeout settings
Password policies: Set minimum password complexity and rotation requirements

Common use cases

Securing operator accounts that manage production IoT fleets
Enforcing MFA for all team members accessing the Soracom console
Meeting compliance requirements for multi-factor authentication

Operators — Account management for operator-level MFA
SAM Users & Roles — Manage MFA for sub-accounts
Audit Logs — Monitor authentication events and access attempts

MFA & Security

What it does

Common use cases

Related