Any Graph API available for MFA?

Question

Is there any graph API for the MFA (multifactor Authentication)?. Currently i am using this api for username and password for authentication purpose. https://login.microsoftonline.com/{tenant-ID}/oauth2/token(Ref Figure)

I got this error for using this API - "error_description": "AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000003-0000-0000-c000-000000000000'." Is there any alternate api for the accounts that have MFA enabled? or any alternate solution. If any alternate api is available, please provide the required URL and the body content as shown in the above image

P.S - This API worked for the ID's that does not have MFA enabled.

Thank You

Answer 1

Hi @Hari Shankar

The ROPC flow is a silent login flow that authenticates by hardcoding username/password and will be blocked at login if your users have MFA enabled.

The flow suitable for authenticating users who have enabled MFA is auth code flow, because the auth code flow is an interactive login flow, which logs in users through browser interaction.

Hope this helps.

If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.

Answer 2

Good morning,

I have the exact same error, honestly I've never been able to resolve it. My goal is to avoid MFA on my intranet and even having used Azure Conditional Access, the Graph API still poses the same problem. So are we required to have the MFA pop-up appearing on the intranet?

Thanks