Azure AD Conditional Access: MFA "Trigger"

Christopher Irwin 1 Reputation point
2021-12-01T21:11:15.513+00:00

Is there a way for MFA to "trigger" at, say 7AM daily (instead of doing a 24-hour timeout after prompt)? I have a client asking if this is possible. I suppose an alternative would be to just have a 10-or-12-hour timeout, but I'd rather not get that draconian if possible.

Thanks!

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,630 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 36,411 Reputation points Microsoft Employee
    2021-12-01T23:39:09.793+00:00

    The way you mentioned is the only way that I'm aware of to do this, given that the settings in the portal are based on days and hours. MFA is included in the sign-in frequency settings, which you can control. https://learn.microsoft.com/en-us/azure/active-directory/authentication/concepts-azure-multi-factor-authentication-prompts-session-lifetime

    I have shared your feedback with the product team for this feature and would be happy to include any details about your scenario, especially if you can provide a business justification. If you would like to raise a request yourself you can also do so on the Ideas forum. https://feedback.azure.com/d365community

    0 comments No comments