IOT Central MFA configuration.-

iot_test 1 Reputation point
2022-09-08T19:51:58.993+00:00

Hello i followed this tutorial yesterday [https://learn.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-azure-mfa] to try to get MFA for every user in an IOT Central app, sharing the same users in active directory and IOT Central but for some reason the MFA is just enabled everywhere in azure sing-in with those users but not enabled IOT Central sing-in screen for some reason (they arent the same sing-in screens).

I need to make a demo about this because we have a client that want a solution with those security option every time that the user closes or sing-in his session.

greatings.

Azure IoT
Azure IoT
A category of Azure services for internet of things devices.
403 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Sri Harsha Kalavala 6 Reputation points Microsoft Employee
    2022-09-08T22:38:44.783+00:00

    Hello @iot_test !

    Thanks for reaching out. Are you the same person interacting with me on twitter via this thread https://twitter.com/harshaunplugged/status/1567965229887397888? If so, I've just responded to your email with a sample video demonstration and asking for additional information.

    You can enable Multi-Factor Authentication via a conditional access policy following these instructions: https://learn.microsoft.com/azure/active-directory/authentication/tutorial-enable-azure-mfa#configure-which-apps-require-multi-factor-authentication.

    Make sure you "Microsoft Azure Management" is the cloud application selected as the target. As mentioned here (https://learn.microsoft.com/azure/active-directory/conditional-access/concept-conditional-access-cloud-apps#microsoft-azure-management), the Conditional Access policy targeted for this application will also take effect for all the related services/clients including Azure IoT Central so from that point on all the AAD users in the application should receive an MFA prompt at sign-in.

    Few things to double check/debug:

    1. Are you trying to demonstrate with an user with Microsoft Account?
    2. Is the user you're trying to demonstrate part of the AAD tenant associated with the Azure subscription of the IoT Central application?
    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.