Share via

user MFA is disabled however PIM activation is asking for MFA

Simon Li 11 Reputation points Microsoft Employee
Aug 26, 2021, 12:01 PM

hi team, what if a user's MFA status is "disabled" however in the PIM role setting, the activation is set to "required MFA". what will happen when the user is trying to activate the eligible assignment.

Microsoft Entra
0 comments No comments
{count} vote

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 36,901 Reputation points Microsoft Employee
    Aug 27, 2021, 12:17 AM

    PIM takes precedence and will override any other MFA settings, so that is expected behavior. Enabled/enforced/disabled doesn't matter to any of the Azure AD features since it's intended for per-user MFA.

    3 people found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.