This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 24%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKK%3C/text%3E%3C/svg%3E)
Hi,
Is there a way to add trusted IP's into the Multifactor Authentication Settings via Graph API or Powershell?
Thank you for your time!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 0%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVM%3C/text%3E%3C/svg%3E)
@Kaden Kelsey Thanks for reaching out.
You can use Graph API for adding trusted IP for MFA, follow the guide here.
This will help you create a IPnameslocation :
POST https://graph.microsoft.com/beta/identity/conditionalAccess/namedLocations
Content-type: application/json
{
"@odata.type": "#microsoft.graph.ipNamedLocation",
"displayName": "Untrusted IP named location",
"isTrusted": false,
"ipRanges": [
{
"@odata.type": "#microsoft.graph.iPv4CidrRange",
"cidrAddress": "12.34.221.11/22"
},
{
"@odata.type": "#microsoft.graph.iPv6CidrRange",
"cidrAddress": "2001:0:9d38:90d6:0:0:0:0/63"
}
]
}
Check this page for more information.
-----------------------------------------------------------------------------------------------------------------
If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community.
Hello vipulsparsh-MSFT,
Thank you for your response. Yes, that will create a named location, but not actually make any changes to the Multi-Factor Authentication Settings Page. I am trying to set the IP, and check this box.
https://account.activedirectory.windowsazure.com/UserManagement/MfaSettings.aspx?BrandContextID=O365
@Kaden Kelsey This is not possible as of now. You can upvote or give the related feedback here.
Hi Vipulsparsh,
Is there another way to accomplish this? We are using the Skype Online API and a custom portal to help manage our users. We are unable to pass the Windows credentials pop-up through to the web portal user and 2FA is required.
Thanks again for your time.