Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,859 questions
Azure - MFA Method details moved or hidden for Authentication Administrators role
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 51%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENS%3C/text%3E%3C/svg%3E)
Nicola Swan
20
Reputation points
Our helpdesk team have been assigned the Authentication Administrator roles in Azure to allow them to update MFA methods for our users who call in for help.
Recently the view has changed, and hides details like registered phone numbers, or puts them under the "non useable methods" fields, despite that being their default method for completing MFA.
Has anyone else seen this issue before, or is experiencing it now? What is the solution to revert back to a previous view where all methods registered were listed, whether they were used or not?
We have made no changes to our MFA settings for the institution, so unsure where this change came from without any notification.
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 89%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHE%3C/text%3E%3C/svg%3E)
Harshitha Eligeti 2,080 Reputation points Microsoft External StaffMar 10, 2025, 10:36 AM Hello @Nicola Swan
I understand that you are encountering changes in managing Multi-Factor Authentication methods, causing registered phone numbers to either be hidden or listed under the "non-usable methods" section, even though they are set as the default method for completing MFA.To revert to the previous view, where all registered methods are listed regardless of whether they are used or not, administrators can view user authentication methods in the Microsoft Entra admin center. Usable methods are displayed first, followed by non-usable methods.
Authentication methods may appear as non-usable for various reasons. Methods that are no longer available due to the requirement to re-register multi-factor authentication will also be listed here.
For more information, please refer to this document: https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-methods?source=recommendations#usable-and-nonusable-methods
I would like to understand which methods are showing up under the non-usable authentication methods, other than your registered phone number. Could you please attach a screenshot of the non-usable authentication methods currently displayed?Additionally, please refer to the following link for more details: https://learn.microsoft.com/en-us/answers/questions/1708290/authentication-methods-and-authentication-administ
Do let us know if you any further queries.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 90%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERE%3C/text%3E%3C/svg%3E)
Renno East 5 Reputation pointsMar 11, 2025, 1:20 PM On the left, the Authentication Administrator role view (in white); on the right, the Global Admin role view. The same issue is also affecting our helpdesk team, who can no longer view all authentication methods. Has there been a recent change to role permissions? How can we restore full authentication method visibility without granting additional privileged roles?
-
Harshitha Eligeti 2,080 Reputation points Microsoft External Staff
Mar 18, 2025, 10:15 AM Hello @Nicola Swan
Based on your Query, If the user does not verify their registration and, for some reason, returns to the previous page or skips the process, it will appear under the "non-usable authentication methods" tab in their profile. This is dependent on the verification process and registration, not on the view of the authentication administrator or global administrator. The global administrator has more privileges and can manage authentication methods, whereas the authentication administrator can only view users, not other admin accounts.
Do let us know if you any further queries. -
Harshitha Eligeti 2,080 Reputation points Microsoft External Staff
Mar 19, 2025, 8:27 AM Hello @Nicola Swan
Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back we are happy to help. -
Harshitha Eligeti 2,080 Reputation points Microsoft External Staff
Mar 20, 2025, 8:47 AM Hello @Nicola Swan
Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back we are happy to help. -
Nicola Swan 20 Reputation points
Mar 20, 2025, 2:11 PM Hi Harshitha
My setup is displaying in exactly the same was as Renno East above. The phone number method, though working fine before and since this change, is showing as non-usable for our Helpdesk team.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 38%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFC%3C/text%3E%3C/svg%3E)
Fedeles, Catalin 5 Reputation pointsMar 24, 2025, 3:23 PM We are experiencing the same issue and do not want to upgrade the Help Desk members to Global Admins.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 95%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Michael7140hz 0 Reputation pointsMar 24, 2025, 9:23 PM Same issue here. No changes to existing users that have the auth admin role. They were able to see details fine before, but not now. They can right click and see details or edit as needed, but not all details are shown as before. I have opened a ticket on this issue and troubleshooting, but as I have found others with this issue, I doubt it is just something in my tenant.
-
Harshitha Eligeti 2,080 Reputation points Microsoft External Staff
Mar 25, 2025, 11:09 AM Hello @Nicola Swan
I have tested the scenario and found similar results in my tenant as well. Therefore, I believe the recent changes may have been updated in the format you are currently seeing.
Do let us know if you any further queries. -
Harshitha Eligeti 2,080 Reputation points Microsoft External Staff
Mar 26, 2025, 8:13 AM Hello @Nicola Swan
Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back we are happy to help. -
Harshitha Eligeti 2,080 Reputation points Microsoft External Staff
Mar 27, 2025, 4:40 AM Hello @Nicola Swan
Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back we are happy to help. -
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 49%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPC%3C/text%3E%3C/svg%3E)
Phil Chaney 0 Reputation pointsMar 27, 2025, 5:01 PM We are seeing the exact same behavior in our tenant. Our Helpdesk team who have the Authentication Administrator role is affected in the same manner stated by all others in this thread. Please investigate/escalate this for a resolution.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 6%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
BrianBear 0 Reputation pointsMar 27, 2025, 6:07 PM adding our tenant to this behavior as well - same scenario - helpdesk users are in the Authentication Administrator role, this needs to be fixed
-
Phil Chaney 0 Reputation points
Mar 27, 2025, 6:44 PM I will add that it does appear to be only the Phone number (SMS) method that appears involved, as it indicates "Non-usuable" for the Authentication Administrator role, but shows properly for Global Admin.
-
Nicola Swan 20 Reputation points
Mar 28, 2025, 2:52 PM Ideally along with the others in this thread we would like this escalated, the point of the role of authentication administrator in our org need to be able to see and understand this information. Showing SMS in the "unusable" field when it's the primary use of authenticating for many users is causing confusion. Can it be looked into why this change was made, and how it can be reverted?
thanks
Sign in to comment
Sign in to answer