This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello everybody, I'm Global admin, and i want to add some authentication methods for users, but when i'm on AAD, everything is greyed out, Need some helps ![140721-azure-ad.png][1] Thanks, [1]: /api/attachments/140721-azure-ad.png?platform=QnA
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
I tried on my tenant with a global admin role and could not reproduce this, as I was able to access all of the greyed sections. Does this happen for all users or just some if you try to add the authentication methods? It looks like you are trying to do this in aad.portal.azure.com. Do you have the same issue if you do this from portal.azure.com? This should really only happen if you are using an account that does not have the right permissions, and the global admin account should have permission to do this.
I also reached out to my contacts on the product team to see if they have any idea why this could be happening and will let you know when I have an update. I tried in both the admin center and the regular portal and it worked fine for my Global Admin account.
Yes, i tried it and i can add from https://mysignins.microsoft.com/security-info
But still nothing on AAD portal, still greyed out
Yes, I was able to reproduce this in my own tenant. I'm not sure whether this is expected and couldn't find it documented anywhere so I notified the product team. Will let you know as soon as I get a response. In the meantime, adding the authentication methods from the signins page or with a second global admin account does appear to work.
Ok, thank you
I am waiting for your reply, this only happens on my account
For all other users I can add authentication methods
Are you able to add them from https://account.activedirectory.windowsazure.com/ ?
If not, you can try creating a second global admin account to add the authentication methods to your account.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(76.8, 40%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERP%3C/text%3E%3C/svg%3E)
Hello there I have the exact same issue als global administrator that I can not change my own account settings only for others, this does not make sense, would be nice if Microsoft can come into this and tell why this is not working properly.
I can also change from https://mysignins.microsoft.com/security-info but this does not enable the MFA for Azure Login .
The response from the PG is that this is due to the converged MFA/SSPR, which is enabled by default now for every tenant. https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-registration-mfa-sspr-combined
The Global Admin can only add the auth method such as mobile number or alternate mobile number on behalf of the user, but the user has to select his or her preferred mode of responding to the MFA and set this option up using the security info page.
Let me know if this helps answer this at all. I agree that it feels counterintuitive and inconsistent to be able to add it for everyone else and then have it greyed out for myself, and I have relayed that feedback to the product team.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(224.00000000000003, 91%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAC%3C/text%3E%3C/svg%3E)
What if I am that user? I am global administrator and I want to add MFA for myself. I am logged in and everything is grayed out.