B2C custom policy with optinal MFA for user

Vikas Tiwari 761 Reputation points

Hi @AmanpreetSingh-MSFT ,

I am looking for any custom policy sample with optional MFA when user logs in, so that user can skip the MFA (i.e. setup later) and proceed with login. I have tried sample policy here (https://github.com/azure-ad-b2c/samples/blob/master/policies/mfa-email-or-phone/readme.md) but it doesn't have cancel button when uses given policy.

Is there any way we can implement optional MFA scenario through custom policy.


Azure Active Directory External Identities
{count} votes

1 answer

Sort by: Most helpful
  1. James Hamil 17,376 Reputation points Microsoft Employee

    Hi @Vikas Tiwari , This sample might be the most helpful one for you. It allows you to set up MFA on a policy, or require MFA for certain portions of an application but not others.

    The issue though is that if you have MFA enabled, all users must register for it initially. It's a good security practice in the long run so users are better protected. But I do understand how this could be an issue for you.

    Hopefully you can work with that sample to get close to your needs, but by default we don't offer the option to sign up later. Please let me know if you have any questions and I'd be happy to help.

    If this answer helped you please mark it as "Verified" so other users may reference it.

    Thank you,