admin permission for MFA setting and conditional access only

roei zamir 6 Reputation points
2020-02-13T07:11:16.607+00:00

Hi,

i am deploying the azure MFA with conditional access to my users
and i would like to grant limited permissions to my Helpdesk team so the will only have permissions to open the MFA settings for : grant OTP / Block and unblock and also to add new users to conditional access i have created

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,389 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasil Michev 94,911 Reputation points MVP
    2020-02-13T08:07:25.187+00:00

    OTP/Block/Unblock are features only available for MFA server, not Azure MFA. As for managing CA, use the Conditional Access Administrator or pick the best suitable role from the list here: https://learn.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles

    1 person found this answer helpful.
  2. roei zamir 6 Reputation points
    2020-02-16T12:34:43.43+00:00

    i need to grant my helpdesk team permissions that they will be able to do OTP /BLOCK AND UNBLOCK for start

    what permissions i need to give them

    0 comments