[SOLVED] Access to Azure platforms (portal and DevOps) dont use MFA preferred methods

Polo 26 Reputation points
2022-11-14T08:15:26.907+00:00

Hi there, I'm experiencing an issue for some time now, and it's that whenever I try to log-in at Azure portal (https://portal.azure.com/) or Azure DevOps (https://dev.azure.com/), I am being requested to reply to the notification sent to the Authenticator app of my smartphone, and any other options configured in my account as MFA methods are not shown/offered at all.

For some reason, the notification sent to the app is never arriving (checked several times that the MFA configuration in my account is correct). Even when trying to delete the app notification as MFA method, and allowing only the SMS code, call, or security questions; I am still being asked to respond to the notification.

Inside my organization they have already tried to restart the security configuration of my account, but the issue persists. No matter what configuration options I enable as MFA access methods, Azure platforms would ALWAYS require me to accept the app notification.

Furthermore, if I click on the "I cannot use my Authenticator app right now" option, the next page allows me only to re-send the notification or to enter a code that is being shown in the Authenticator app. Ridiculous, since I clicked on "I cannot use the Authenticator app"...

Also note that the temporary codes being shown in the Authenticator app are not working at all, and the log-in page shows some "invalid code" errors whenever attempting to use them.

-------------------------------------------------------------------------------------------------------------------------------

SOLVED

The MFA configuration should not only be changed from the organization level, but also inside the cluster in Azure portal itself. Allowing SMS codes inside the login options for the cluster allowed me to re-gain access. A colleague of mine with sufficient permissions included SMS as an option.

Hope this will help :)

Azure Role-based access control
Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
722 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,577 questions
0 comments No comments
{count} votes

Accepted answer
  1. Givary-MSFT 30,841 Reputation points Microsoft Employee
    2022-11-14T12:14:50.537+00:00

    @Polo Thank you for reaching out to us.

    I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this. Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others", I'll repost your solution in case you'd like to "Accept" the answer.

    Answered by @Polo

    The MFA configuration should not only be changed from the organization level, but also inside the cluster in Azure portal itself. Allowing SMS codes inside the login options for the cluster allowed me to re-gain access. A colleague of mine with sufficient permissions included SMS as an option.


0 additional answers

Sort by: Most helpful