Azure Active Directory - Authentication Admins are unable to view Authentication methods

Christian Carrasco 65 Reputation points
2023-01-26T20:53:14.0033333+00:00

I created a custom PIM group and assigned the Authentication Administrator and User Administrator Azure AD roles.

I removed them from the Authentication Administrator and User Administrator Azure AD roles and added them to the PIM group.

Now when they open Authentication methods for a regular user, they are not able to view the data. I waited about 30 minutes but still same error.

I then removed from the from PIM group and back into the Authentication Administrator role and waited another 30 mins. They still get the same error message when trying to access Authentication methods.

I verified they have an ACTIVE assignment in Authentication Administrator. I'm trying to figure out why they don't have the access.

Thank you

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,664 questions

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Christian Carrasco 65 Reputation points
    2023-01-27T16:34:45.7966667+00:00

    I discovered the user has the Power Platform and Power BI Administrator roles. The helpdesk agent has Authentication Administrator role but that only works for regular, non-adminstrator users. That will not work for user account with administrator roles.

    Because of that the helpdesk agent needs Privileged Authentication Administrator or Global Administrator roles to work in Authentication methods for the user account and re-register MFA.

    1 person found this answer helpful.
    0 comments
  2. Christian Carrasco 65 Reputation points
    2023-01-26T22:29:10.8833333+00:00

    Hello Andy. I had the agent clear their cache as well as open an incognito browser with fresh login and still unable to view data in Authentication Methods.