Documentation

New limited admin users cannot complete Two-Factor Authentication (2FA) setup in Adobe Commerce on cloud infrastructure

Last update: Thu Apr 23 2026 00:00:00 GMT+0000 (Coordinated Universal Time)

When creating a new admin role with limited permissions in Adobe Commerce, users having this limited admin role assigned may encounter issues logging in for the first time if the Two Factor Auth (2FA) role permissions are missing.

Description description

Environment

  • Adobe Commerce on cloud infrastructure - All versions
  • Two Factor Auth enabled for admin users

Applies to

  • Commerce administrators configuring limited admin roles
  • New admin users assigned to restricted or limited permission roles

Issue/Symptoms

A new admin user assigned to a limited admin role is unable to set up Two-Factor Authentication (2FA) during their initial login to the Adobe Commerce Admin panel.

Typical symptoms include:

  • The user is prompted for 2FA but cannot proceed with registration.
  • The user may see errors or is unable to see the 2FA configuration options.
  • The user cannot complete first-time login to the Admin panel because 2FA setup never finishes.

Resolution resolution

Important: You must repeat these steps for every new limited admin role that requires 2FA-enabled admin access.

To allow users with limited admin roles to set up 2FA and access the Admin panel, enable the Two Factor Auth permission in the role configuration and then ensure the role is correctly assigned to the user.

  1. Sign in to the Adobe Commerce Admin panel with an account that has full administrator rights.

  2. Go to System > Permissions > User Roles.

  3. Select the limited admin role that you created or are creating.

  4. In the role permissions tree, locate Permissions > 2FA. Make sure that the Two Factor Auth permission is selected. Click Save Role to apply the changes.

  5. Go to System > Permissions > All Users:

    1. Edit the user who needs limited admin access.
    2. On the user configuration page, assign the updated limited admin role.
    3. Click Save User.

  6. Ask the user to sign in to the Adobe Commerce Admin panel again. The 2FA setup flow should now display correctly and allow them to register their 2FA method.

  7. After completing 2FA registration, the user should be able to access the Admin panel with the limited admin role.

Cause

The limited admin role assigned to the user does not have the Two Factor Auth permission enabled. Because 2FA is required for Admin access, the user must have permission to use the Two Factor Auth module to complete the initial setup.

recommendation-more-help
3d58f420-19b5-47a0-a122-5c9dab55ec7f