No MFA request when connecting in IE or edge

Françoise Pirard 21 Reputation points

I am currently deploying Azure MFA (cloud) in my organization.
I have set up a MFA "any time" strategy for my admin account and a conditional access MFA for a bunch of test users (requiring MFA when logging in "not trusted" places - that is ouside our office-IP range). It works prety well in these remote working troubles times.
EXCEPT that, no MFA is requested when logging in through IE or Edge webbrowser.

  • I do not check the "keep me signed in" box when signing in
  • I disconnect from my session before closing my browser
  • I tried "Sign out every where" in my azure profile (and restarted my computer)

still... no MFA requested in IE/Edge.
What am I doing wrong?

Thanks in advance for your help

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,088 questions
0 comments No comments
{count} votes

Accepted answer
  1. Vasil Michev 98,196 Reputation points MVP

    Is the device Azure AD joined? If so, that's the expected behavior. In such scenarios you authenticate via the so-called primary refresh token, which is considered as a form of MFA.

0 additional answers

Sort by: Most helpful