This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 67%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Hi Team,
We have enabled the MFA in our organisation and we have created conditional access policy for the service accounts to exclude from MFA. We have disabled the MFA for those accounts under O365 admin > Active users> MFA when we try login to those accounts it still take us to the MFA Registration page and users have to click on skip setup each time when i try login. Is there any options available which bypass the MFA registration page? Please advise.
Thanks,
Ranjit
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
Glad to see that you managed to get this resolved.
Remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin
MFA registration can be assigned via different means - you'd want to check all possible options
https://learn.microsoft.com/en-us/entra/id-protection/howto-identity-protection-configure-mfa-policy
https://learn.microsoft.com/en-us/entra/identity/authentication/howto-mfa-userstates
hth
Marcin
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 35%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZM%3C/text%3E%3C/svg%3E)
@Ranjit Singh,Thanks for posting in Q&A.
From your description, I know you want to disable MFA for some accounts.
I have done research about this problem, here are some information you can refer.
1.If you have enabled MFA in your organization and want to create Conditional Access policy to exclude some accounts from MFA, in the Users session, you can select the user group for Exclude and in Target resources session, select All cloud apps, then in Grant session, select Require multifactor authentication.
2.You can disable MFA for specific users in the Microsoft 365 admin center.
3.You can revoke multifactor authentication session in Microsoft Entra ID portal.
Hope it will help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
@Ranjit Singh, Hope things going well.
Recently, Microsoft Entra has forced the launch of a CA policy to enable MFA for account security. This policy cannot be canceled or edited. Therefore, please go to the Microsoft Entra portal to see if there is a policy that enforces the use of MFA.
I figured out the issue was SSPR setting was assigned to all users, there is no option to exclude users, either assign it to a group or All users. So I ended up creating a Dynamic group for users need to be setup for SSPR which resolved the issue.
I figured out the issue was SSPR setting was assigned to all users, there is no option to exclude users, either assign it to a group or All users. So I ended up creating a Dynamic group for users need to be setup for SSPR which resolved the issue.
I figured out the issue was SSPR setting was assigned to all users, there is no option to exclude users, either assign it to a group or All users. So I ended up creating a Dynamic group for users need to be setup for SSPR which resolved the issue.