Request Denied of Accessing the Authenticator

Xu Cali 0 Reputation points
2024-07-16T00:13:17.2366667+00:00

User's image

When I click "View Details", it will automatically redirected to the login page, but my Authenticator has not received any request.

User's image

Clicking any link on this interface will jump to the login interface.

Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Authenticator
{count} votes

1 answer

Sort by: Most helpful
  1. Sandeep G-MSFT 20,906 Reputation points Microsoft Employee Moderator
    2024-07-16T10:08:10.4766667+00:00

    @Xu Cali

    Thank you for posting this in Microsoft Q&A.

    Error Code: 500121 This typically occurs when authentication failed as part of the multi-factor authentication (MFA) request, it may indicate a configuration or service error. To resolve this issue, can you try resetting (require re-register) MFA for your user.

    To perform this there is no option where you can reset your MFA by your own. You will have to contact Azure AD administrator in your organization to get MFA reset for your account.

    If you don’t know who the admins are then you can follow below steps to know who the admin in your tenant is. There is a PowerShell way to find global admin in your Azure AD. However, to use PowerShell as well you will have to authenticate yourself first. For authentication again it will prompt for MFA to be completed.

     

    I would suggest you ask one of your colleagues to perform below steps and share the global admin details with you so that you can contact admin and get your MFA registerd.

    • Open Windows PowerShell as administrator.

    • Run command “Install-Module azuread”

    • Once installed you can run command “Connect-AzureAD” and enter user credentials once it asks for.

    • Once you login, you can run command “Get-AzureADDirectoryRole”.

    • From the output you can copy the object ID of Global administrator

    • Run command “Get-AzureADDirectoryRoleMember -ObjectId "Paste the object ID of global admin that was copied earlier"

    • You will get the list of users with global admin role assigned.

     

    Now you can contact any global admin from the list and ask him to perform below steps to reset your MFA so that you can re-register for authenticator app.

    • Admin has to login to Azure portal and access Azure active directory.

    • Once done they have to go to users blade on the left.

    • Click on Authentication methods and click on “Require re-register multifactor authentication”.

    • Now when you try to login to Azure services it will prompt you to register for MFA again.

     

    97607-image.png

    Let me know if you have any questions.

     Please "Accept the answer" if the information helped you. This will help us and others in the community as well.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.