function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Vigneshwaran GurunathanVigneshwaran Gurunathan 

Superbadge Security Specialist step 5 - Could not find just one PermissionSet enabled for 2FA.

User-added image

I have created a permission set with the system permission "Two-Factor Authentication for User Interface Logins" and assigned it to the Samantha Cordero users. Here is the login history which i have used the Authenticator to authenticate the login of the user.

User-added image
What else am i missing? Any help is much appreciated.
Best Answer chosen by Vigneshwaran Gurunathan
Vigneshwaran GurunathanVigneshwaran Gurunathan
I completed this challenge few days back. The issue is because i had two permission sets with 2FA enabled. Once i deleted one permission set, the challenge passed without issue. 

Please check whether you have any other permission set with 2FA enabled in your DE org.

All Answers

Martijn SchwarzerMartijn Schwarzer
Hi Vigneshwaran,

You will also need to check the permission "Two-factor authentication for API Logins" in the permission set. Mobile users login using the API...

Hope this helps!

Best regards,
Martijn Schwärzer
Rajesh BhoirRajesh Bhoir
Even I am facing the same issue,I checked both "Two-Factor Authentication for API Logins" and "Two-Factor Authentication for User Interface Logins" in permission set still getting the same error.Is there any thing else I need to do.
Martijn SchwarzerMartijn Schwarzer
Hi Guys,

Did you name the Permission Set "2FA" ?

All I did to pass the challenge is create the Permission Set with name "2FA" and checked both the "Two-Factor Authentication for API Logins" and "Two-Factor Authentication for User Interface Logins" permissions.

Best regards, 
Martijn Schwärzer
Rajesh BhoirRajesh Bhoir
Hi Martijn ,

I just tried to with the new permission set named as "2FA" and checking both the "Two-Factor Authentication for API Logins" ,"Two-Factor Authentication for User Interface Logins" permissions but still getting the same error.
 
Rajesh BhoirRajesh Bhoir
Hi,

I was able to get through the challege today, I followed the same steps but in different developer org. and I was able to complete it.I still did not get what was the issue in my earlier org since the same steps were followed multiple times and same error was popped up.

I think it was a session issue or may be somethign from backend since I checked the list of permission sets assigned to users in Developer console using a query and even though the permission set was deleted from the listed the query list showed me that permission set was assigned to Samantha Cordero..

Thanks ,
Rajesh 

 
Vigneshwaran GurunathanVigneshwaran Gurunathan
I completed this challenge few days back. The issue is because i had two permission sets with 2FA enabled. Once i deleted one permission set, the challenge passed without issue. 

Please check whether you have any other permission set with 2FA enabled in your DE org.
This was selected as the best answer
pavas singhalpavas singhal
I have tried with the new permission set named as "2FA" and used both Two-Factor Authentication for API Logins" ,"Two-Factor Authentication for User Interface Logins" permissions but still getting the same error :"Challenge Not yet complete... here's what's wrong: 
Could not find just one PermissionSet enabled for 2FA." 
I have created one separate organization as well. But it still its not wokring
João LopesJoão Lopes
Hy Guys, I was facing the same problem. Even using a brand new dev org, I faced the same message. Tips:

1) Log off trailhead environment
2) Log off all salesforce orgs
3) Log in trailhead
4) Push log in my dev org button inside the challenge (bellow "Challenge +500 points" title). Notice that you need to use the SF Authenticator mobile app in order to connect it !
5) Press "Check Challenge" button !
6) If all configurations are ok, Done !!!! +500 points.

Hope help you guys !

João Lopes
Arvind BalijepalliArvind Balijepalli
i recreated the permission set with "salesforce platform License" and assigned the user(who was also created with salesforce platform license) and assigned the permission and checked the challenge it worked.
BijaySBijayS
Hi ,

I am getting this error while submitting the Challenge 5 , Set report, dashboard, and public list security settings

There was an unhandled exception. Please reference ID: TRUDYEHH. Error: Faraday::ClientError. Message: INVALID_FIELD: PermissionsEditPublicFilters, PermissionsCreateCustomizeReports ^ ERROR at Row:1:Column:77 No such column 'PermissionsCreateCustomizeReports' on entity 'Profile'. If you are attempting to use a custom field, be sure to append the '__c' after the custom field name. Please reference your WSDL or the describe call for the appropriate names.

Is there anyone who got the same error and resolved it?

Regards
SathishKumarSathishKumar
Hi All, 

I am stuck @ 5th step. I have created permission with the name 2FA, and ebanled Two-Factor Authentication for API Logins and Two-Factor Authentication for User Interface Logins. I have assigned the permission set to the user, but still i am getting error as in the screen shot.

User-added imageUser-added image
Bart Van Doren 9Bart Van Doren 9
A few helpful tips :
- make sure that you select the 'Two-Factor Authentication for API Logins' and 'Two-Factor Authentication for User Interface Logins'. And not the 'Manage Two-Factor Authentication in API' and 'Manage Two-Factor Authentication in User Interface'
- make sure the label is '2FA', the API name cannot start with a number, but it doesnt matter, name it TwoFA or something.
- make sure only one user is linked to the permission set.
 
alekhya.annamdevialekhya.annamdevi
Even I am facing the same issue. I have tried all the solutions that has been told to do in the discussion. Is it because of the server issue?
 
Stamen Nikolov 4Stamen Nikolov 4

I have been fighting this problem with the error message for hours and here are my findings and comments on all what I`ve read so far:

1. Someone have said that you need to enable both permissions for the two factor authentication in the perm.set - I`d say there`s no need for this, as I was able to pass the challenge with one one permission enabled - "Manage Two-Factor Authentication in User Interface"
2. I also saw also people deleting and creating again the permission set, which is normal when you try to fight this error, but I`d say No need for that either. For me it was enough to disable the permission on the perm.set and save. Then Enable again the "Manage Two-Factor Authentication in User Interface" permission and save and it should work.

Good luck everyone! This one is a bit tricky.

Ingarel BerettaIngarel Beretta
This tip helped me find and correct my error:

- make sure that you select the 'Two-Factor Authentication for API Logins' and 'Two-Factor Authentication for User Interface Logins'.
And not the 'Manage Two-Factor Authentication in API' and 'Manage Two-Factor Authentication in User Interface'
Neethu uNeethu u
I am still getting the error
Challenge Not yet complete... here's what's wrong: 
Could not find just one PermissionSet enabled for 2FA.

I created a permissionset named 2FA. And selected Two-Factor Authentication for API logins and Two Factor Authentication for User interface.
And I logged in as Samatha.
Can anyone help me on this?
Stamen Nikolov 4Stamen Nikolov 4
Please check the answer above from Vigneshwaran Gurunathan, which is choosed to be the best answer.
Neethu uNeethu u
Hi,
I cross checked there is no duplicate permissionset for 2FA enabled.
Please help me to sort out this.
Stamen Nikolov 4Stamen Nikolov 4
Hi,
try to disable the permission on the perm.set and save. Then Enable again the "Manage Two-Factor Authentication in User Interface" permission and save and it should work.
Sharath RamSharath Ram
Guys,
Please check carefully if you have marked "Manage Two-Factor Authentication in API" or "Two-Factor Authentication for API Logins".

You should be selecting "Two-Factor Authentication for API Logins" for this task.
Billy PittmanBilly Pittman
Spent about an hour spinning my wheels. 
Passed on: Permission Sets > "Manage Two-Factor Authentication In User Interface" <only
Then, go to "Users" >  "Cordero Samantha"
Permission Set Assignments > 2FA + Trailhead 
:)
Gustavo A. SelujaGustavo A. Seluja
Fellas,

After much work I was able to pass this step.  A few tidbits:

- Remember the steps prior to unlocking this superbadge.  In particular, step 1 'Secure Your Users' Identity' where you need to build the permission set '2fa Auth' with the system permission 'Two-Factor Authentication for User Interface Logins' ONLY.  It does not say to also enable 'Two-Factor Authentication for API Logins'.  So as advised here on this thread I deleted the permission set '2fa Auth' (on hindsight, I think just removing the permission would've worked, see below)

- The reason I was not able to pass this step was that there was another permission set named 'Trailhead' that also had 'Two-Factor Authentication for User Interface Logins' checked!  I don't recall building it, but oh well.  All I did was to remove the permission on this permission set, that's it.  I did not delete the permission set.

- The permission set '2FA' contains ONLY the permission 'Two-Factor Authentication for User Interface Logins'.

- You obviously need to test access using the Salesforce Authenticator app for user Samantha Cordero.  This is EXACTLY what you did on the 'Secure Your Users' Identity' module step, for user Sia Thripio.


 
Nikunj GangradeNikunj Gangrade
From the above answers I believe everyone is having a different kind of issue for the same error. 
I was having the same error and then I found out that I have 2 permission sets which have 2FA enabled. Once I deleted one of the permission set it worked withour any issue.
Hugues Leclerc 7Hugues Leclerc 7

I've struggled a lot with this issue too even if everything was correct on my side :
- Permission Set named "2FA" (very important) and checking the two checkbox about Two-Factor LOGIN !
- Assign user to this Permission Set

As mentionned in the best answer, if any permission set already exist that include a 2FA auth, it will fail. That's why it's important to start with a fresh trailhead hands-on org. Maybe you'll remark while installing the Superbadge package you'll be redirected to your DE platform not the fresh trailhead as you'll connect with your credential.

Delete every permission set with assigned users that require 2FA to validate the challenge ! 

Ashok Kumar 211Ashok Kumar 211
Hi All, 
I was also facing the same issue and refered the give thread. The solution that work for me refered by Bart Van Doren 9 above:- 
- make sure that you select the 'Two-Factor Authentication for API Logins' and 'Two-Factor Authentication for User Interface Logins'. And not the 'Manage Two-Factor Authentication in API' and 'Manage Two-Factor Authentication in User Interface'
Hope that help. 
Jose Solera 5Jose Solera 5
As Vigneshwaran Gurunathan indicated, make sure you do not have another permission set with 2FA enabled. I had a second one. Once I cleared it (after trying numerous things) I was able to pass the check.
Karla Martinez3Karla Martinez3
I had this issue, It was solved thanks to the recommendation of @Arvind Balijepalli ... Set the same license in the Permission set and in the user. If Samantha has 'Salesforce' License then the Permission 2FA same.
Krishna Nadoor 4Krishna Nadoor 4
I can confirm that "Two-Factor Authentication for API Logins" is not required to be enabled to pass this particular challenge!
Thoa VuThoa Vu
You can create a new org DE and setup again. I did it and passed this step.
MPB SalesforceMPB Salesforce
Hello every One if you have any query regarding this challenge so please try once this link also I hope you will get definitely solution regarding your issue
https://www.youtube.com/watch?v=HRGZyo-qKp0&list=PLQf_Kv-dMRBKhNMH1PCisUIDYyDIZ35U1&index=5
ANANTAPALLI P S B VYSHNAVANANTAPALLI P S B VYSHNAV
You need to check the checkboxes for the permission "Two-factor authentication for API Logins" in the permission set. Mobile users login using the API.

and you also need to unckeck these two checkboxes for all the other permission sets
praveenkumar gudisapraveenkumar gudisa
Challenge Not yet complete... here's what's wrong:
Could not find just one PermissionSet enabled for 2FA.
 
mars rover 1680mars rover 1680
delete trailhead
you will get it
Jeanne VieJeanne Vie
Hi! How to check if we have another permission set with 2FA enabled? 
Javier Ramirez 10Javier Ramirez 10

Something very weird is happening to me... even if I check the two 2fa checkboxes, hit Save, whenever I logout and login again the checkboxes are unchecked

Unchecked 2fa checkboxes

keerthana vellaiyankeerthana vellaiyan
hi all,
      i cannot see the two factor authentication in 2fa Auth for User Logins permission set please help me to complete  this.
Singamsetti Sai TejaSingamsetti Sai Teja

Hi ,

I also got the same issue. I resolved it by assigning the permission set name as MFA --> system permissions as

Multi-Factor Authentication for API Logins  - checked

 

Multi-Factor Authentication for User Interface Logins   - checked 

Manage Multi-Factor Authentication in API  - Checked

 

Manage Multi-Factor Authentication in User Interface - Checked

And verfied whether it is working or not y using salesforce authenticator app.

Also Renamed the user firstname as Samantha and Lastname as Cordero.

 

Jhonny FreitasJhonny Freitas
Hello everyone, I had the same problem but the problem was that I was marking the "Manage Multi-Factor Authentication in API and Manage Multi-Factor Authentication in User Interface and not the "Multi-Factor Authentication for API Logins Multi-Factor Authentication for User Interface Logins " in the end I left the 4 selected and passed
Melihcan DumanMelihcan Duman
Make sure to choose the following two in the system permissions within the permission set you created:
-     Multi-Factor Authentication for User Interface Logins   - checked 
-    Manage Multi-Factor Authentication in API  - Checked
Then, manage assignments and then assign permission to "Cordero, Samantha" on the page where you chose the above two authentication items.

if this still does not work, delete the permission set that you created and create it again.