Skip to main content

Celonis Product Documentation

Two-factor authentication (2FA)

Two-factor authentication (2FA), where your users receive an access token via email, SMS, or supported authenticator app is available to teams using the Celonis ID only. This means that it is not available in teams where SSO is active.

When enforced, an access token is requested when the user either:

  • Logs in from a new device, browser, or IP address.

  • Last logged in over 30 days ago.

Updating your two-factor authentication method

If you're a member of a team that's using Celonis ID you can update your two-factor authentication method from your user profile.

You can choose between:

  • Email

  • SMS

  • Authenticator app

To access your user profile and update your two-factor authentication method:

  1. Click your avatar and select Edit Profile:

  2. Click Edit Personal Details.

  3. Click Two-factor authentication.

Supported authenticator apps


Any references to third-party products or services do not constitute Celonis Product Documentation nor do they create any contractual obligations. This material is for informational purposes only and is subject to change without notice.

Celonis does not warrant the availability, accuracy, reliability, completeness, or usefulness of any information regarding the subject of third-party services or systems.

While there are numerous authenticator apps available, we have tested and can verify the following: