
1 Vote
YasithaPandithawatta-1639 asked ·

Enable MFA for all users when logging in via a specific app with Conditional Access

Hello,

I am trying to enforce MFA for all users in our tenant when they log in via a specific Azure application. This specific application uses Azure identity to authenticate the user to their web application.

I have created a policy for all the users and for this specific app to require MFA.

34069-screenshot-2020-10-21-at-100400-pm.png
34027-screenshot-2020-10-21-at-100506-pm.png

But when users authenticate to this app to log in to the web application, it doesn't ask for MFA; it redirects back to the web app after authenticating with username and password.

I have reviewed the sign-ins for the users and it seems the Conditional Access policy is not applied.

However, I tried replacing this app with a built-in Microsoft application (Microsoft Azure Management), and when I log in to the Azure portal it asked for MFA. When I enable the policy for all apps it asks for MFA, but not when I specifically select the particular app.

Is there anything to configure with the application, or am I doing anything wrong when setting up the Conditional Access policy?

34058-screenshot-2020-10-21-at-100037-pm.png


azure-active-directory azure-ad-multi-factor-authentication azure-ad-conditional-access
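One way to triage the sign-in review described in the question, as an added example that is not part of the original thread: it takes sign-in records that use the Microsoft Graph signIn field names and reports, per client app and resource, whether a named Conditional Access policy was enforced. The policy name, app names and all records are constructed for illustration.

```python
from collections import Counter

POLICY = "Require MFA - web app"   # hypothetical policy name
ENFORCED = {"success", "failure"}  # results meaning the policy was evaluated and enforced

def rec(user, app, resource, error, result):
    """Build a constructed record using Microsoft Graph signIn field names."""
    return {
        "userPrincipalName": user,
        "appDisplayName": app,
        "resourceDisplayName": resource,
        "status": {"errorCode": error},
        "appliedConditionalAccessPolicies": [
            {"displayName": POLICY, "result": result},
            {"displayName": "Block legacy auth", "result": "notApplied"},
        ],
    }

# Constructed sample data, not taken from the thread.
SAMPLE = [
    rec("alice@contoso.example", "Contoso Web App", "Microsoft Graph", 0, "notApplied"),
    rec("bob@contoso.example", "Contoso Web App", "Microsoft Graph", 0, "notApplied"),
    rec("bob@contoso.example", "Contoso Web App", "Microsoft Graph", 50126, "notApplied"),
    rec("alice@contoso.example", "Azure Portal", "Windows Azure Service Management API", 0, "success"),
]

def policy_result(sign_in, policy_name):
    """Result recorded for one policy, or 'absent' if the record does not list it."""
    for p in sign_in.get("appliedConditionalAccessPolicies") or []:
        if p.get("displayName") == policy_name:
            return p.get("result", "unknown")
    return "absent"

def summarize(sign_ins, policy_name):
    """Count successful sign-ins per (client app, resource, policy result)."""
    counts = Counter()
    for s in sign_ins:
        if s.get("status", {}).get("errorCode") != 0:
            continue  # failed sign-ins say nothing about whether MFA was skipped
        counts[(s.get("appDisplayName"), s.get("resourceDisplayName"),
                policy_result(s, policy_name))] += 1
    return counts

def gaps(sign_ins, policy_name):
    """(app, resource) pairs with successful sign-ins where the policy was not enforced."""
    return sorted({(a, r) for (a, r, res) in summarize(sign_ins, policy_name)
                   if res not in ENFORCED})

if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE, POLICY).items()):
        print(n, *key, sep="\t")
    print("not enforced:", gaps(SAMPLE, POLICY))
```

Grouping by both app and resource shows exactly which pair each sign-in was recorded against, which is the detail to compare with the apps selected in the policy.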

1 Answer

0 Votes
ManuPhilip answered ·

I think you need to incorporate the corresponding MFA SDK in your application code while preparing the app. The video here helps to give an overview: multi-factor-authentication-sdk

