No IdP required
Add MFA without requiring customers to use a separate enterprise identity provider.
Customer MFA
Add MFA on top of your existing username and password login. Datawiza Access Proxy protects customer-facing apps without requiring an external IdP, user migration, or application code changes.
External users
Customers, members, patients, students, and external users
Protected apps
Customer apps
Datawiza Access Proxy
Inline enforcement for identity, MFA, access policy, and audit before traffic reaches the application.










Customer-facing risk
Customer portals are attractive targets because attackers can reuse stolen passwords against exposed login forms. MFA helps, but many customer apps were not built for modern identity projects.
Add MFA without requiring customers to use a separate enterprise identity provider.
Keep existing accounts, passwords, and customer sign-in behavior while adding a stronger security layer.
Datawiza Access Proxy adds the MFA challenge in front of the app, so teams do not have to rewrite login code.
Use cases
Protect customer portals for financial services, healthcare, education, insurance, and member services.
Add MFA to patient portals, student portals, policyholder portals, and customer-facing service sites.
Protect customer apps that rely on their own username and password login.
Use Datawiza hosted service for a fast DNS-based rollout, or self-host when your team wants direct control.
How it works
Datawiza Access Proxy sits in front of the customer app. Users keep signing in with the existing username and password login, and Datawiza adds an MFA challenge before allowing access to the application.
Compare paths
Datawiza is for teams that want to add MFA to an existing customer login quickly. You do not need to migrate users, replace the login page, or connect every customer to an external identity provider.
| Criteria | Datawiza | Traditional MFA project |
|---|---|---|
| Identity provider | No external identity provider required. Keep the existing username and password login. | Often requires a new identity platform, integration work, or authentication stack changes. |
| User migration | No user migration. Existing customer accounts continue to work. | May require moving users, sessions, passwords, or login flows. |
| Application changes | Add MFA at the Access Proxy layer without changing application code. | Usually requires app code changes or a broader authentication project. |
| Hosted deployment | Use Datawiza hosted service and update DNS or routing so traffic passes through Datawiza before reaching the app. | Typically needs infrastructure work and app-specific implementation. |
Deployment
For the easiest rollout, use Datawiza hosted service and update DNS or routing so traffic passes through Datawiza before reaching your app.
Run Datawiza in your own environment when you want more control over infrastructure, network paths, or operations.
Keep the current username and password login. Datawiza adds the MFA challenge before access continues to the application.
FAQ
No. Datawiza can add MFA on top of the existing username and password login, so customer accounts can stay where they are.
No. This use case does not require an external identity provider. If you already have one, Datawiza can work with it, but it is not required.
For the hosted service, teams typically route the customer app through Datawiza with a DNS or routing change. Self-hosting is also available if you prefer to run Datawiza in your own environment.
From industry events to new product releases, read it here first.




Sign up to secure your AI agents and critical enterprise apps