Disable 2FA options in Gitlab
Since this Gitlab instance only accepts logins via SSO from Keycloak there is no point in Gitlab prompting for (or even allowing) adding 2FA to Gitlab accounts. That's only going to confuse and confiscate things.
To upload designs, you'll need to enable LFS. More information