In Azure AD B2c I am using Custom Policy to sign in using Username only and want to configure MFA using Email?

Mepani Arvindkumar Vishram 1 Reputation point
2020-10-21T11:36:21.23+00:00

In Azure AD B2c I am using Custom Policy to Signup and sign in using Username only and want to configure MFA using Email which is used while signup process email verification.

I am confused about where do I start,
How can I get email address which is stored while sign up?
How can I configure MFA with Email?

In future we might be using MFA Either using Phone or Email which Sign in using username only.

Any suggestions much appreciated.

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,576 questions
0 comments No comments
{count} votes

4 answers

Sort by: Most helpful
  1. James Hamil 20,741 Reputation points Microsoft Employee
    2020-10-21T21:00:02.827+00:00

    Hi, email MFA is not currently supported. All suported MFA methods are listed here. This thread should help with custom policy!

    0 comments No comments

  2. Mepani Arvindkumar Vishram 1 Reputation point
    2020-10-22T12:27:58.727+00:00

    34361-image.png

    I do not agree with you @James Hamil

    See attached screenshot, I have created user flow for testing purpose and in that it is clearly visible that MFA with Mail and Phone is supported and option is also available.

    Can you please verify again?

    As If MFA is supported then I need to test and configure when MFA will be prompted After 15days or 90 days?


  3. James Hamil 20,741 Reputation points Microsoft Employee
    2020-10-26T21:43:47.87+00:00

    Hi, @Mepani Arvindkumar Vishram the product group said to use this sample and apply to username based sample! Hope this helps.

    0 comments No comments

  4. Mepani Arvindkumar Vishram 1 Reputation point
    2020-10-29T09:08:54.997+00:00

    Hi, @James Hamil thanks for your response.

    I have found one custom policy mfa-email-or-phone which is using Email for Signup and SignIn, However, I am using username for login.

    For mfa-email-or-phone custom policy how to configure MFA Session to skip MFA Prompt for Every sign in?

    When I am testing Policy on Azure AD B2C Portal it will always prompt MFA dialog for both Email and Phone method,
    How can we configure and Test MFA Session?

    Thanks in advance for any suggestion

    0 comments No comments