Share via

Require Re-Register MFA is grayed out for Authentication Administrators

Rouke Broersma 21 Reputation points
2021-01-19T11:55:10.873+00:00

Similar to this github issue: https://github.com/MicrosoftDocs/azure-docs/issues/60576

Our registered Authentication Administrators are not able to request re-register MFA for users. They used to be able to.
Our Global Administrators are able to use this feature.

Please advise which role should be assigned for Require Re-Register MFA.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,897 questions
0 comments
Accepted answer
  1. JamesTran-MSFT 36,481 Reputation points Microsoft Employee
    2021-01-20T00:56:02.177+00:00

    @Anonymous
    Thank you for your post!

    I tested this out within my tenant and was able to re-require MFA with my user who is an Authentication Admin. I also found out that this doesn't work for all accounts, only users who are aren't in an admin role, as stated within the GitHub issue you mentioned. For more info.

    If you'd like to re-require MFA for all users, including Global Admins, you'll need to use the Privileged Authenticator Administrator role.

    58332-mfa.gif

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    2 people found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest