Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,904 questions
Modern Authentication, Users still have to authenticate with MFA after authenticating when using an Office 365 product.
Johnson Tran
1
Reputation point
Hi everyone,
I've been struggling to get SSO to work along with MFA. We want the users to be able to authenticate only once with MFA through Office 365. However, every time the user logs into an application such as SharePoint, Teams, OneDrive, Etc, MFA is being prompt and requests the user to enter MFA authentication.
Through our AADC server, with Azure AD Connect, under Change user sign-in, I have the following checkbox: Password Hash Synchronization, Enable single sign-on.
The only solution I came up with to temporarily cover this solution is to enable the additional cloud-based feature MFA in Azure and enabled the "remember multi-factor authentication on trusted device". I don't want to use this feature and want SSO to completely take over for the apps, whether joining a different network or using a different device.
I have also placed a conditional access policy to force users to reauthenticate with MFA every 23 Hours.
If I can get some help with this, that would be greatly appreciated, as I've also placed in a support ticket.
{count} votes
-
ShashiShailaj-MSFT 7,466 Reputation points Microsoft Employee
2022-05-23T14:59:58.743+00:00 @Johnson Tran Apologies for getting back late on this. Did you find the solution for this with support . In case you did , it would be great if you could share the solution with the community. If you still need any help on this , please let us know.
Sign in to comment