How to create something like this for MFA registration??

Question

I see this help article which outlines the MFA registration process. https://ucalgary.service-now.com/kb_view.do?sysparm_article=KB0032748

• Users signin to their account information portal which details the last signin and password expiry information. I assume that is being pulled from AzureAD.
• It also give the option to enable MFA, anfd the experience looks like when an app is configured to use MFA by a CA in Azure.
• And then enable MFA pops up a new window which does not seem like the usual experience of MFA registration.

If any one can give some direction on all 3 of these. It would be nice if we can replicate this in our org?

Answer 1

Hi @RT-7199 , you would first need to create a sign-up/ sign in flow. For the password information you need to set up a password reset policy. Now from here things can go a few ways. You can use MS Graph, custom policy, or AD attributes. For example, you can pull pwdLastSet. For MFA you can do a few different things but this method is a good start. Please let me know if you need more details or if I left something out!

If this answer helped you please mark it as "Verified" so other users may reference it.

Thank you,
James

Answer 2

@James Hamil User flow is part of Azure AD B2C. We don't have external users and also the example university they would also be doing for their staff/students which are not external users.
I was more curious how Azure AD MFA enable button has been created and as you say it seems underlying MS graph call. We want to give option to users to voluntarily enable MFA on their account.
I attempted to make a enable MFA button in PowerApps and was successful which adds users to group which is used in CA and requires MFA for all cloud apps.
I will need to find out how can it be shown on a page where users can login and also figure out the licensing.