![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 75%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYM%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,466 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 79%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Hello,
As far as I know it is not possible to have different type of MFA verification based on users or groups.
For the segregation per application it's the same I'm not aware of something like that, for me if the user registered for one method of MFA it will be used for any applications this user will access if MFA is configured for the application via conditional access or per user MFA
For the MFA enrollment you can use something like Identity Protection which will help you enforce MFA registration at sign in
https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/concept-identity-protection-policies
If you use MFA registration policy with Identity Protection no need for email because users will be prompted to register for MFA at sign-in
I'm not aware of something out-of-box regarding automatic email to notify user to register for MFA, I think you will have to create your routine
Regards,