none
Option with MFA RRS feed

  • Question

  • Here what I understand:

    There a 2 MFA Option with Office 365: MFA in clound(via Office 365 or Azure, and  a MFA Server.

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-whichversion

    Is there a way to force a groupe of user( or case user with itune device) to use Microsft Authenticator as second factor and force another groupe of user to use Voici/SMS as second factor?

    Thank you

    Sebastien

    Tuesday, May 21, 2019 1:52 PM

All replies

  • Hi Bistro40,

    You can technically use MFA Server tags to achieve something like this but it is not advisable. Also, MFA Server will be deprecated in the not too distant future, so it is not a good long-term solution. 

    For cloud MFA this is not possible unless you use ADFS in combination with O365, where you can specify the authentication method to use on the 'Office 365 Identity Platform' relying party trust but there are a lot of restrictions for that method. When using ADFS, users won't be able to have fallback methods when one method is selected, and if they use the wrong method they'll receive multiple MFA prompts until they select the right method.

    Tuesday, May 21, 2019 11:00 PM
    Moderator