We changed sign in frequency to 7 days. Initially it was every day. When it was every day users complained they were having issues many times a day being prompted and then not seeing apps in their mobile Outlook app. Images of the settings added.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
After enabling MFA on users accounts and applying conditional access policy we identified some users experiencing the following issues
Are there any correlations to the frequency of login requirements to the conditional access policy?
just curious if others experienced these issues and how they resolved them
We changed sign in frequency to 7 days. Initially it was every day. When it was every day users complained they were having issues many times a day being prompted and then not seeing apps in their mobile Outlook app. Images of the settings added.
Hello @CH_FL
I just wanted to add a few details on this one.
-The following settings, such as Remember MFA and Remain signed-in, can result in prompts for your users to authenticate too often.
-A user might see multiple MFA prompts on a device that doesn't have an identity in Azure AD. Multiple prompts result when each application has its own OAuth Refresh Token that isn't shared with other client apps
-You can try to click the option "Revoke sessions" and test it
-Use the "Trusted devices" option
Regards,
Thank you all so much
We do have the option "Show option to remain signed in" enabled but we can encourage users to check it.
Will have a look at the other suggestions "application has its own OAuth Refresh Token that isn't shared with other client apps" and "conditional access policy settings"