We have Duo mfa configured and in use in our org. Duo works just fine as an mfa provider for Azure AD auth. We've been told my MS that a CA rule can be set to require Duo or MS mfa during auth. Has anyone actually tested this out and can describe the expected user workflow with this type of rule?
THX> Eric
@wick111, Yes, it works. When you configure more than one MFA provider in Azure, all those MFA providers do get listed in the section Access Controls --> Grant, while creating a Conditional Access Policy.
You can refer to the screenshot below for more info:
I also stumbled upon the following article from DUO, which speaks about configuring the Conditional Access Policy in Azure For DUO. You can refer this article too.
https://duo.com/docs/azure-ca
Disclaimer: This response contains a reference to a third-party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites; therefore, Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. There are inherent dangers in the use of any software found on the Internet, and Microsoft cautions you to make sure that you completely understand the risk before retrieving any software from the Internet.
Hope this helps.
Do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as "Answer" if the above response helped in answering your query.
Thanks for your reply. I was able to accomplish what you outlined but what i want to do is put option of using MS or DUO MFA in same policy. Someone at MS once told me you could do this successfully but i am unable to actually make it work in an OR manner for an end user. This is the config I'm seeking any additional insights on.
THX> Eric
4 people are following this question.
