Hey Everyone,
I have my users enabled for SSPR and Combined MFA/SSPR (AD Groups in Azure console) and MFA (MFA console)
They then login to a modern app and go thru the registration fine.
The problem is that on the MFA Console they are still showing as Enabled and does not change to Enforced.
From PowerShell I see that the user has Authentication Methods enrolled.
Is this expected because SSPR does not provide an App Password like normal MFA enrolment does?
Or could it be that the users registered for SSPR and then later they were enabled for MFA?
Thanks M