Can I invoke an Azure B2C custom policy with MFA without redirecting to a browser to complete login?

Roei 46 Reputation points
2022-10-17T18:26:23.467+00:00

We are trying to use Azure B2C to initiate login flows from our native mobile app without redirecting users to a browser to complete the login flow.

We understand that generally the built-in User Flows will all open a browser window on the device and then redirect users back to the app after the login is complete, and this seems to be the case with the IEF Custom Policies as well.

We decided to use the ROPC flow in order to have an endpoint which our native mobile app can call to receive the access token; however, we want MFA to be part of the login flow, and it seems, based on Microsoft's documentation, that the ROPC flow is not compatible with MFA.

Is there a way to create a custom IEF policy in Azure B2C which will not redirect the user to a browser to complete the login but will also allow us to have MFA as part of the user journey?

Microsoft Entra External ID

1 answer

  1. Shweta Mathur 29,756 Reputation points Microsoft Employee
    2022-10-28T12:27:57.14+00:00

    Hi @Roei ,

    Thanks for reaching out, and apologies for the delay in response.

    Azure AD B2C introduced the client credential flow, which is currently in public preview and can be used to authenticate without user interaction, but MFA requires human interaction, and it is not possible to authenticate with MFA without user interaction.
    Human authentication requires a browser surface to initiate/conduct the interaction between the token issuer (B2C here) and the human.

    ROPC is the only flow not using the browser, and hence it is not possible to implement MFA without a redirect to the browser.

    Hope this will help.

    Thanks,
    Shweta

    --------------------------------------

    Please remember to "Accept Answer" if the answer helped you.
