MFA with web app. We use AZURE Active Domain

Reed, Davie 1 Reputation point

We use IIS on Windows Server 2016. My web app works nicely.

We also use the MFA/2FA feature of the AZURE Active Domain system. Essentially, when a remote user tries to get into our servers via Remote Desktop, it will CALL the user's phone and they have to press "#" to continue. AZURE is making the call. Somehow it's integrated with our on-prem domain controller and our RADIUS server.

I would LIKE to have my web app use the MFA capabilities of AZURE to call the user and validate them, just like the Remote Desktop connection does. So the server-side code of my web app would somehow make a function call to some magic API that does all the work and returns true or false. BTW: I do NOT know any phone numbers of the users. I would like AZURE to do all the magic.



Azure App Services
Azure App Services
A feature of Azure App Service used to create and deploy scalable, mission-critical web apps.
4,561 questions
Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,556 questions
No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Thierry Eppner 1 Reputation point


    This documentation will help you doing what you want :


  2. Reed, Davie 1 Reputation point

    Thanks Thierry;

    I was expecting a bunch of APIs that I would have to program to get the MFA to work.

    This is entirely different. It looks like it's a "generic" authenticater for "ANY" web site we may have. AND NO ADDITIONAL WEB PROGRAMMING.

    IE: It's a traffic cop that STOPS traffic to our web site and instead will prompt the user for their domain network login creds and then the cop will tell AZURE to authenticate (maybe with a phone call). Once verified, the cop will let the traffic flow and the user can then access our web site.

    Is that correct?