Here's another wired request from the crazy kiwi.
I have configured the Remote Access VPN to use Google SSO through a SMAL app. This seems to be working fine, however for further testing I wish to force my client to log out, including from the SSO session to force the 2FA again.
The process is I log on from the client for the first time on a device and I am prompted for a username and password, then for the Google MFA. This is fine, it's accepted and the VPN establishes. once I am finished with the VPN I can disconnect.
The next time I reconnect it doesn't prompt for anything, which from a user point of view is perfect. No username / password / 2fa just straight in. The secure way is the easy way.
However for testing I wish to force my account to log out fully, requiring the username / password / 2fa again, and I can't work out how to achieve this from the client. I have even gone as far as deleting and reinstalling the client, however even then it only asks for a username and password as somewhere in the background Google magic knows I've recently done the 2fa so it just works.
From the client / desktop side I he logged out from my google account and revoked all trusted devices but to no avail.
Is there some way from the client side I can force my account to require the 2fa like it was a new connection every time?
I'm wondering if this might be stored in the registry, or in a cookie or something like that.