Is there any good way to pass multi-factor authentication from program in azure active directory?

Keiichi Hikita 41 Reputation points
2022-05-23T02:20:32.47+00:00

I am implementing Single Page Application(SPA) software which uses Multi-Factor authentication with Azure Active Directory.
For this software, I would like to automate the E2E testing(Browser Testing) as well, using Cypress (a kind of JavaScript program).

Is there a good way to get past Multi-Factor Authentication from such a program in this case?
For example, if Multi-Factor Authentication uses "security code to a mobile phone", it will be possible if I can generate this security code automatically.

Thanks in advance, Please let me know if you have any good ideas.

Best regards,
Keiichi Hikita

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments No comments
{count} votes

Accepted answer
  1. AmanpreetSingh-MSFT 56,871 Reputation points Moderator
    2022-05-23T15:21:18.657+00:00

    Hi @Keiichi Hikita • Thank you for reaching out.

    If I understood you correctly, you are looking for a way to automate Multi-factor Authentication by configuring the application to auto-generate and submit the same security code/OTP as sent via Azure MFA.

    If that is the case, there is no way to achieve this. As in general, for MFA to complete successfully, the below factors are considered:

    • Something you know. Which is typically a password.
    • Something you have. Which could be a mobile device or a registered hardware device token.

    Optionally, based on the configuration, it may require you to provide evidence of

    • Something you are. Like a fingerprint or some other biometric data.

    Automation can be done for "Something you know" but not for "Something you have" or "Something you are" as these factors require human intervention.

    The best you can do is, configure a conditional access policy to trigger MFA and exclude the test account/test application/IP address (if it is public IP) of the testing device from the conditional access policy to skip MFA. Unfortunately, when MFA is enforced, you cannot automate the authentication.

    -----------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Keiichi Hikita 41 Reputation points
    2022-05-24T00:24:59.253+00:00

    HI @AmanpreetSingh-MSFT ,

    Thank you for your quick and kind response.
    I understood answer is very clear and there are no good ways to skip MFA.

    Azure Active Directory I use as authentication server is managed by another organization in our company, so I will check if it is possible to insert bypass settings into it.

    Thank you very much.

    Best Regards,
    Keiichi Hikita

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.