I have an organization in google cloud and cloud identity. In the identity admin panel I have selected to not enforce 2fa but to allow users to enable it.
However, if a user wants to log in to google cloud and don't have a security key as 2fa. They are greeted with this screen
And if a user has a security key as 2fa then they are allowed access to the google cloud console panel.
How can I turn off the enforcement/requirement of a security key for users to be able to log in to google cloud?
I have created a video that shows the problem: https://youtu.be/oRt_193-SYI
I have finally found the settings menu where this is located. Google has settings for session controls and how often users need to re-authenticate. One of the options is with the kind of re-authentication method users must use. Mine was set to "security key".
Hence, when users wanted to log in they were forced to authenticate with a security key that they did not have.