Microsoft 365 not asking for MFA while doing login
We built Single Sign-on feature through SAML. We are using AWS Cognito as Service Provider and Azure AD as Identity Provider.
In our application, a user clicks on Login with Microsoft button, and we redirect them to the AWS Cognito URL for MS 365 login. The login works successfully and the user is able to access the application.
I have configured an MFA device using this link https://mysignins.microsoft.com/security-info. But while doing SSO login, it's not asking for MFA. How to enforce MFA during login?
I tried to reproduce the same in my environment and got the results like below:
To setup the MFA in Microsoft 365, Login in to Microsoft 365 admin center with Admin Credentials.
Go to Users -> Active Users -> Multi-Factor Authentication
You can set the MFA for all the users or single user like below:
After setting the MFA when I tried to login, I got the MFA prompt successfully like below:
In https://mysignins.microsoft.com/security-info page you can select the device for MFA for a user like below:
For more in detail, please refer below link:
- Create Azure Key Vault backed secret scope in Databricks with AAD Token
- C# Graph api SDK V5 - Add User to multiple Groups
- Microsoft Azure doesn't return email via Oauth2 flow
- Sign in to Azure Account from VS Code
- Any luck in using AddMicrosoftIdentityWebApp in combination with IdentityServer4?
- Dotnet-Isolated Azure Functions - how to access HttpContext
- vscode-remote-ssh does not work with SSH using Azure AD authentication
- Implementing SSO for Azure AD B2C
- Office 365 Exchange Online permission is not visible for registered application in azure active directory
- "error_description":"Exception of type 'Microsoft.IdentityModel.Tokens.AudienceUriValidationFailedException' was thrown."
- Azure AD client credentials generated token does not have claims (EDITED)
- Calling an ASP.NET Core Web API integrated to EntraId app from another .NET Core console app integrated to EntraId app fails
- Correlation failed in net.core / asp.net identity / openid connect
- Generating token for Fabric Rest api using client secret
- Permission based access control using Entra ID with ASP.NET core
- How do I display Job Title in my Next Auth app
- EntraId Authentication / Authorization via .NET & React
- Azure Function app down due to wrong routing template in http trigger binding of a functions
- How can I force trigger MFA, when logging into Azure?
- Azured AD JWT authentication doesn't work for Web API hosted in docker using TestContainer
- azp Claim Missing from Azure AD JWT
- Retrieve all Users from all Groups?
- Cannot get AAD auth token in Logic Apps
- Attempting to set DisableCustomAppAuthentication to false for Azure not working from Powershell
- Using Azure Entra Id I cant see `Office 365 Exchange Online` under `APIs my organization uses`
- New tenant b2clogin URL returns error with "removed or changed"
- Azure Entra ID tokens endpoint issues an expired token
- Azure AD B2C password expiration
- Trouble when creating PowerBI report via JavaScript Client Library
- Azure Active Directory Enterprise App OpenID and User Provisioning (SCIM)