I skipped Permission Requested Interface at the time of login with Azure . Provide ‘Grant admin consent’ permission. But Azure OTP validation (Azure Multi-Factor Authentication) now disable.
SKipped Below Interface :
I want to Enable OTP validation(Azure Multi-Factor Authentication) with ‘Grant admin consent’. Please guide me.
I am using below code
$auth_url = "https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/authorize" $client_id = "<client_id>"; $redirect_uri = "<redirect_uri>"; $data = array( 'response_type' => 'code', 'client_id' => $client_id, 'scope' => 'User.Read', 'redirect_uri' => $redirect_uri, 'response_mode' => 'query', ); $auth_redirect_url = $auth_url.'?'.http_build_query($data); drupal_goto($auth_redirect_url); exit;
MY Azure Back End permission image below :
I Want to enable OTP validation form(Azure Multi-Factor Authentication) of Azure with ‘Grant admin consent‘
Advertisement
Answer
I agree that this seems related to a conditional access policy or other setting that might be blocking MFA.
Ensure that you have disabled the setting for “Remember Multi-Factor Authentication.” https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#remember-multi-factor-authentication
Go to Azure Active Directory > Security > Conditional Access. You can ensure that there is no policy allowing MFA to be skipped, and if you want to be on the safe side you can create a new conditional access policy requiring MFA for all users. https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/app-based-mfa
NOTE: See, Require MFA for All Users
Go to aka.ms/mfasetup and make sure that MFA is set to “Enforced” for the individual users for whom you wish to enforce MFA. https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates