![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 63%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
25,151 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @Rizwan Assad ,
The registration enforcement is done through Identity Protection (Reference: Configure MFA registration policy). So if MFA is enforced through Identity Protection, users are asked to register during sign-in. They register multifactor authentication methods and SSPR methods (if the user is enabled for SSPR).
Users will be asked to register additional information allowed by the Authentication methods policy settings when the registration is required.
The Authentication Methods Policy experience also consolidates the configuration of MFA and SSPR methods into Authentication Methods Policies. Like you said, the Authentication Methods policies also have more enhanced configurations.
So you still need Identity Protection for enforcing the MFA registration, but you need to allow or disallow MFA options through Authentication Methods Policies (as opposed to the previous legacy experience).
Let me know if this is what you were asking, if I understood your concern, and if you have further questions. I'm happy to help improve the document and get clarity from product groups if anything is unclear or inconsistent.
-
If the information helped you, please Accept the answer. This will help us and other community members as well.