question

HeatherTurner-8540 avatar image
0 Votes"
HeatherTurner-8540 asked HeatherTurner-8540 commented

azure b2c active mfa session

Active mfa session does not seem to be working in custom policy when using an social user (AAD user) to login to B2C. I have compared the social and local mfa starter base custom policy file to see if there are any differences, and I don't see anything that could be affecting this. Is there anything specifically I can look at that may be causing this issue?

azure-ad-b2c
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @HeatherTurner-8540 ,what part isn't working? Are the users not getting prompted?

0 Votes 0 ·

@JamesHamil-MSFT So I made some changes where the behavior I am experiencing now is no longer the same as I reported initially in this question. Now I experience every time the user (social user or local user) hits the mfa policy, it prompts for mfa no matter if they have an active session or not.

I tried this suggestion: https://docs.microsoft.com/en-us/answers/questions/69770/mfa-session-doesn39t-work-in-azure-b2c-custom-poli.html where it was suggested to add add <IncludeTechnicalProfile ReferenceId="SM-MFA" /> to SM-AAD technical profile in the TrustFrameworkBase file, and that seemed to work when starting from an mfa policy immediately and then going to another link that also requires mfa, but when starting from a non-mfa policy and stepping up to a mfa policy, it doesnt prompt for mfa at all, so I removed that change.

Any assistance on troubleshooting this issue would be greatly appreciated.

0 Votes 0 ·

0 Answers