SSO Azure B2B External Tenant - Enable OTP+MFA if User is already using Azure

Gaurav Chopra 0 Reputation points
2024-07-12T07:02:31.0933333+00:00

Hello Team,

For SSO Entra External ID, how can we enable MFA+OTP option in case the customers are already on Azure/Entra?

For example - We have our app setup on Microsoft Entra External ID and want to onboard customers for Non-Federated access with Email + OTP + MFA method. However as they are already on Azure/Entra, it is most likely setting them up for Auto Federation.

Can this be supported without any action required from customers?

Microsoft Security | Microsoft Entra | Microsoft Entra External ID
Microsoft Security | Microsoft Entra | Microsoft Entra ID
{count} votes

1 answer

Sort by: Most helpful
  1. Navya 20,100 Reputation points Microsoft External Staff Moderator
    2024-07-16T07:06:45.5+00:00

    Hi @Gaurav Chopra

    Thank you for posting this in Microsoft Q&A.

    I understand like your customers have accounts in a workforce tenant with Multi-Factor Authentication (MFA) and One-Time Passwords (OTP), and you've set up an application in an external tenant. If my understanding of the issue is incorrect, feel free to post back.The external tenant is where you'll register your apps, create sign-up and sign-in user flows, and manage the users of your apps. The consumers and business customers who sign up for your apps are added to the tenant directory, but with limited default permissions.

    Email with one-time passcode is an option in your local account identity provider settings. With this option, the customer signs in with a temporary passcode instead of a stored password each time they sign in. This can be supported without any action required from customers.

    For more information: https://learn.microsoft.com/en-us/entra/external-id/customers/concept-authentication-methods-customers#email-with-one-time-passcode-sign-in

    Hope this helps. Do let us know if you any further queries.

    Thanks,

    Navya.

    Please remember to "Accept Answer" if answer helped you.This will help us as well as others in the community who might be researching similar questions.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.