Yes, you can scope each authentication methods to select groups as needed. Both include and exclude mode are supported. And you can continue using per-user MFA if you want, it's still available.
Can a group be created where Multi-Factor Authentication is not enforced after the transition to the new Authentication methods policy?
Hello!
We are going to transition to the new Authentication methods policy and have some users for whom enforcing MFA is not feasible (for example, primary school children who don't have phones). Will it be possible to create a group for these users where MFA is not enforced?
Thanks in advance for your help!
Best regards,
Lukas
2 answers
Sort by: Most helpful
-
-
Prakash Vankudoth (Quadrant Resource LLC) 5 Reputation points Microsoft Vendor
2024-09-11T07:18:27.3866667+00:00 Hi, Lukas Lüdecke
Adding information provided by the Vasil Michev,
If you have premium license in your tenant, you can create a new conditional access policy.
Follow the below link to create a policy: Enable Microsoft Entra multifactor authentication - Microsoft Entra ID | Microsoft LearnPlease reach out to us for further queries.
Thanks,
Prakash V.