Can I invoke an Azure B2C custom policy with MFA without redirecting to a browser to complete login?

Roei 46 Reputation points

We are trying to use Azure B2C to initiate login flows from our native mobile app without redirecting users to a browser to complete the login flow.

We understand that generally the built-in User Flows will all open a browser window on the device and then redirect users back to the app after the login is complete and this seems to be the case with the IEF Custom Policies as well.

We decided to use the ROPC flow in order to have an endpoint which our native mobile app can call to receive the access token, however we want MFA to be part of the login flow, and it seems based on Microsoft's documentation that ROPC flow is not compatible with MFA.

Is there a way to create a custom IEF policy in Azure B2C which will not redirect the user to a browser to complete the login but will also allow us to have MFA as part of the user journey?

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,677 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Shweta Mathur 28,031 Reputation points Microsoft Employee

    Hi @Roei ,

    Thanks for reaching out and apologies for delay in response.

    Azure AD B2C introduced client credential flow which is currently in public preview which can be used to authenticate without user interaction, but MFA require human interaction and it is not possible to authenticate with MFA without user interaction.
    Human authentication requires browser surface to initiate/conduct the interaction between the token issuer (B2C here) and the human.

    ROPC is the only flow not using the browser and hence it is not possible to implement MFA without redirect to browser.

    Hope this will help.



    Please remember to "Accept Answer" if answer helped you.

    0 comments No comments