Azure MFA using SMS Method

Question

Hi MS Experts,

would like to ask your assistance as to why I am getting the error during MFA registration using SMS method. See attached.

Current Setup:

Entra ID Free License
Entra Domain Service
Security Defaults - Disabled
Per User MFA - Enabled on this user

Other User: (PH)
Correlation ID: 09d8f18f-8387-4ce0-b5bf-119bed532b04

Timestamp: 2026-06-08T04:51:12Z

Thank you!

Answer 1

After some digging, it appears SMS method us not supported under Entra ID Free license plan. It was back then under per user MFA but deprecated last Sep 2025.

https://learn.microsoft.com/en-us/entra/identity/authentication/howto-authentication-sms-signin

Anyone could validate this and confirm?

Answer 2

The error during SMS-based MFA registration is most likely related to issues with SMS delivery or the phone number’s reputation, combined with the limitations of SMS-based methods in Entra ID.

Based on the provided configuration (Entra ID Free, per-user MFA enabled, security defaults disabled), use the following steps to troubleshoot and resolve:

1. Verify the phone number configuration
   1. Ensure the user’s phone number and country/region code are correct in the user’s security verification settings and user profile.
   2. If another global admin exists, have that admin confirm the phone number in the user’s settings.
2. Check for basic SMS delivery issues
   1. Confirm the phone is working and has mobile service.
   2. If SMS is not received, try the voice call option if it is presented.
   3. If other verification options are configured (such as Microsoft Authenticator), select Other verification options and complete MFA with a different method.
3. Check if the user is blocked for MFA
   1. In the Azure portal, open Microsoft Entra ID.
   2. Go to Users and open the affected user.
   3. Verify that Block sign in is not enabled. If it is, disable it and retry MFA registration.
4. Consider that SMS-based authentication has limitations
   1. SMS-based authentication is not compatible with Microsoft Entra multifactor authentication in some scenarios.
   2. If SMS sign-in is being configured (rather than just SMS as an MFA method), be aware of these known issues and prefer Microsoft Authenticator or other methods.
5. Investigate telecom-related issues with Microsoft Support
   1. Since a Correlation ID and timestamp are available, open a support case with Microsoft.
   2. Provide the Correlation ID and timestamp so Microsoft can trace the MFA request through its telecom providers.
   3. If the phone number has a “bad reputation” or is blocked at the provider level (error patterns similar to 399287 in other cases), Microsoft Support and the telecom providers may need to reset or reroute SMS traffic for that number.
6. If SMS continues to fail, move to more reliable methods
   1. Configure Microsoft Authenticator or other modern methods (such as passkeys or certificate-based authentication) as the primary MFA method.
   2. Use SMS only as a backup if absolutely necessary, due to its delivery variability.

If the error persists after these steps, provide Microsoft Support with fresh sign-in samples (Correlation IDs and timestamps from the last 48–72 hours) so they can investigate downstream telecom issues.

---

References:

• You don't receive a text or voice call that contains the verification code for Microsoft Entra multifactor authentication
• Troubleshoot MFA voice call and SMS problems
• Configure and enable users for SMS-based authentication using Microsoft Entra ID
• "We didn't receive a response" error message when you try to sign in by using Azure Multi-Factor Authentication
• "Account verification system is having trouble" error message when you try to sign in by using a work or school account
• Error Code: 399287 - Microsoft Q&A Unable to Verify Identity for Azure Login – Error 399287
• Azure has blocked myphone number for SMS verification due to a “bad reputation” flag - Microsoft Q&A I try to login via SMS because my phone was reset and now I am getting: