Policy-based user self care - factors enrollmentIntroductionGeneral ApproachUser On BoardingCustom USC Application ConfigurationGrant types and JWT settingsProtect the OIDC application with an MFA access policyRestrict API access for least privilegeCustom Access PolicyUSC Access Token with Policy AuthenticationInitial GrantDisplay an MFA selection challenge to the userPerform an enrolled SMS OTP for MFAExchange MFA JWT for Fully Entitled Access TokenPerform USC MFA Enrollment FunctionsConclusion