question

HiramClaytor-0883 asked MarileeTurscak-MSFT commented

Does Connected Organization force OTP

I have added connected organizations to our Azure AD in an attempt to create an access package for a SharePoint Site. Many of the domains for those connected organizations do not use or are not linked to an active directory, and are showing OTP as the option for authentication. Does this force OTP authentication on those users? Many of the users on those domains have Microsoft accounts created with their work email but are getting an AADSTS50020 error when they go to log in. FYI - I do have the OTP for guest users preview turned on. I was hoping this would only be an option if all else failed when logging in.

azure-active-directory, azure-ad-b2b, azure-ad-privileged-identity-management

How users from the Azure AD directory or domain authenticate depends on the authentication type. The authentication types for connected organizations are:

Azure AD
Direct federation
One-time passcode (domain)

https://docs.microsoft.com/en-us/azure/active-directory/governance/entitlement-management-organization

Based on the guide, if they don't have other authentication options available they may be stuck with OTP. Based on your description and the fact that they're not connected to a directory, that may be what's happening.


0 Answers
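
An added example, not part of the original thread: one way to audit which connected organizations fall under each of the three authentication types listed in the comment above. The input is a constructed sample shaped like a Microsoft Graph connectedOrganizations listing; the mapping from identity source type to authentication type, and every name and value in the sample, are assumptions made for illustration.

```python
import json

# Assumed mapping from Graph identity source types to the labels used in the comment.
AUTH_TYPE_BY_SOURCE = {
    "#microsoft.graph.azureActiveDirectoryTenant": "Azure AD",
    "#microsoft.graph.externalDomainFederation": "Direct federation",
    "#microsoft.graph.domainIdentitySource": "One-time passcode (domain)",
}

# Constructed sample (not real tenant data), shaped like a connectedOrganizations listing.
SAMPLE_RESPONSE = json.loads("""
{"value": [
  {"displayName": "Contoso", "state": "configured",
   "identitySources": [{"@odata.type": "#microsoft.graph.azureActiveDirectoryTenant",
                        "tenantId": "00000000-0000-0000-0000-000000000001"}]},
  {"displayName": "Fabrikam", "state": "configured",
   "identitySources": [{"@odata.type": "#microsoft.graph.externalDomainFederation",
                        "domainName": "fabrikam.example",
                        "issuerUri": "https://sts.fabrikam.example/"}]},
  {"displayName": "Small Partner", "state": "proposed",
   "identitySources": [{"@odata.type": "#microsoft.graph.domainIdentitySource",
                        "domainName": "smallpartner.example"}]},
  {"displayName": "Empty", "state": "configured", "identitySources": []}
]}
""")

def classify(org):
    """Return the sorted authentication types for one connected organization."""
    types = set()
    for src in org.get("identitySources") or []:
        types.add(AUTH_TYPE_BY_SOURCE.get(src.get("@odata.type"), "Unknown"))
    # An organization with no identity sources cannot be classified.
    return sorted(types) or ["Unknown"]

def audit(response):
    """Map each organization's display name to its authentication types."""
    return {org.get("displayName", "<unnamed>"): classify(org)
            for org in response.get("value", [])}

def otp_only(response):
    """Names of organizations whose only authentication type is one-time passcode."""
    return sorted(name for name, types in audit(response).items()
                  if types == ["One-time passcode (domain)"])

if __name__ == "__main__":
    for name, types in audit(SAMPLE_RESPONSE).items():
        print(f"{name}: {', '.join(types)}")
    print("OTP-only:", otp_only(SAMPLE_RESPONSE))
```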