This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(310.4, 23%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESH%3C/text%3E%3C/svg%3E)
When I did an "az login" I received this message:
"error":"interaction_required","error_description":"AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '797f4846-ba00-4fd7-ba43-dac1f8f63013'.\r\nTrace ID: 348d5fb2-e91a-476d-b7e1-6d4d787d0400\r\nCorrelation ID: 700a81e3-75c9-47e0-aad5-94bfed299947\r\nTimestamp: 2020-04-16 18:04:46Z","error_codes":[50076],"timestamp":"2020-04-16 18:04:46Z","trace_id":"348d5fb2-e91a-476d-b7e1-6d4d787d0400","correlation_id":"700a81e3-75c9-47e0-aad5-94bfed299947","error_uri":"https://login.microsoftonline.com/error?code=50076","suberror":"basic_action"
However, when I go to my SignInSignUp flow, it shows MFA (multifactor Authentication) is disabled. What is going on? Do I have a problem or not?
Thanks
Siegfried
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 76%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ES%3C/text%3E%3C/svg%3E)
Hi,
Yesterday our developer got the same message out of nowhere. Saying "you must use multi-factor authentication to access '797f4846-ba00-4fd7-ba43-dac1f8f63013".
But the AAD user itself can access his office.com resources with the same account and MFA for him works. He event reset the MFA device - still works, but he can't add his account to Visual studio. Tried different VMs. This is not related to VM's.
I just had a nice session with Brice from Azure support.
As part of a Microsoft AADB2C tutorial, I had created another azure directory/B2Ctenant. I was not aware that this process also created had created another user account. I don't know what this account is for -- I don't remember needing it for the AADB2C tutorial (so far). Deleting this new user account seems to have solved the problem (which was just an error message).
Thank you Brice
Siegfried
@Siegfried Heintze This is happening because Security Defaults is enabled for your tenant. You can disable it by navigating to Azure Portal > Azure AD > Properties > Click on Manage Security Defaults link > Toggle Enable Security Defaults button to NO.
Refer to https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-defaults for more information about Security Defaults.
-----------------------------------------------------------------------------------------------------------
Please "Accept as answer" wherever the information provided helps you to help others in the community.
@Siegfried Heintze and @subglo , Have you had a chance to work on the above suggestion?
Hurry! This works after having turn on the MFA (and having checked the token checkbox).
As I queried in the other post: Is there a way to make this work without having to use MFA?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 7.000000000000001%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMR%3C/text%3E%3C/svg%3E)
You Safe my life LOL!
Thank you!!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 16%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESN%3C/text%3E%3C/svg%3E)
I am also facing similar issue,
Trace ID: 35fe43dd-3eb4-4a6b-8ee0-344109584400
Correlation ID: b416aa26-7a02-4974-84c4-0356b96abc69
Timestamp: 2020-08-06 07:32:31Z. Response status code does not indicate success: 400 (BadRequest). {"error":"interaction_required","error_description":"AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000009-0000-0000-c000-000000000000'.
Please help on this.
Thanks in Advance.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 99%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVG%3C/text%3E%3C/svg%3E)
THANK YOU VERY MUCH SIR...IT WAS REALLY REALLY HELPFUL AS OUR POC WAS STUCK AND IT WAS A BIT URGENT ON TOP OF TIME ISSUE.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 81%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
Thank you, Sir! It worked
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 95%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJO%3C/text%3E%3C/svg%3E)
THANKSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS, solved my problem
@Siegfried Heintze Security Defaults is a recent feature added for improving security by forcing all users in the tenant to register and perform MFA, without requiring any Azure AD Premium license. However, in some scenario like in case of dev/test tenants, you would not want to perform MFA during testing. In that case, you need to disable Security Defaults and if you have enabled MFA already, you would need to disable that as well. I have shared the steps to disable Security Defaults in my previous answer.
To disable MFA, you need to navigate to Azure Portal > Azure Active Directory > Users > Multi-Factor Authentication. This will redirect to Azure MFA Portal, where you can select users, you want to disable MFA for. Please refer to screenshot below:
-----------------------------------------------------------------------------------------------------------
Please "Accept as answer" wherever the information provided helps you to help others in the community.
OK, I just tried my Ch03WebAppAPI demo again and it prompted me for MFA.
Now, I follow your instructions and it looks like I am already disabled for MFA. I don't see that extra column for INFO so I can enable/disable MFA for myself.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 18%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMB%3C/text%3E%3C/svg%3E)
Excellent! thank you very much those instructions worked.
@SiegfriedHeintze-9929 Could you please double check, if security defaults are Off by below option. Azure Portal > Azure AD > Properties > Click on Manage Security Defaults link > Toggle Enable Security Defaults button to NO.
Since it is a B2C tenant,
Oh shucks... I posted a response and this web site lost it! Let me try again.
Good news: I followed your instructions and now I can login with no MFA!
Bad news: I'm still getting this less than friendly message from "az login". Can you explain to me what it means? Why does it say that I have been logged in but then I have failed to authenticate? Do we need to fix something? Perhaps it is related to the troubles I have been having that I have described in other posts (on Azure Functions)?
WARNING: You have logged in. Now let us find all the subscriptions to which you have access...
WARNING: Failed to authenticate '{'additional_properties': {}, 'id': '/tenants/1e694636-92fd-4ca7-b666-d0545514eb69', 'tenant_id': '1e694636-92fd-4ca7-b666-d0545514eb69'}' due to error 'Get Token request returned http error: 400 and server response: {"error":"interaction_required","error_description":"AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '797f4846-ba00-4fd7-ba43-dac1f8f63013'.\r\nTrace ID: 71ce1029-29bf-46ea-b900-479128c38e00\r\nCorrelation ID: 34da890e-8c4d-484f-868f-9eeade415ebe\r\nTimestamp: 2020-04-30 16:13:24Z","error_codes":[50076],"timestamp":"2020-04-30 16:13:24Z","trace_id":"71ce1029-29bf-46ea-b900-479128c38e00","correlation_id":"34da890e-8c4d-484f-868f-9eeade415ebe","error_uri":"https://login.microsoftonline.com/error?code=50076","suberror":"basic_action"}'
[
{
"cloudName": "AzureCloud",
"id": "acc26051-92a5-4ed1-a226-64a187bc27db",
"isDefault": true,
"name": "Azure subscription 1",
"state": "Enabled",
"tenantId": "7a838aec-0b9e-4856-a3b5-2b02613f36a2",
"user": {
"name": "sheintze@hotmail.com",
"type": "user"
}
}
]