MFA sms authentication for External users does not work

Question

Hi,

Our company would like to implement MFA for external B2B users. For simplicity, external users should only authenticate via sms.

I found information that the authentication strength policy can only be applied to external users who authenticate with Microsoft Entra ID.

https://learn.microsoft.com/en-us/entra/identity/conditional-access/howto-conditional-access-policy-authentication-strength-external

I then tried to create a policy requiring only multi-factor authentication without a strength policy and create a procedure for employees to configure sms-only authentication without Microsoft Authenticator, but when external users try to access a Sharepoint resource, they are told to configure Microsoft Authenticator and sms authentication does not work.Why is this?

How can I set up MFA access for external users by configuring sms authentication only?

Thanks for your help

Answer 1

Hi @Paweł Konkel [FibriTech] ,

It is not possible to set up MFA access for external users by configuring SMS authentication only. The allowed authentication methods for MFA fulfillment when completed in an external user's home tenant include text message as a second factor, voice call, Microsoft Authenticator push notification, Microsoft Authenticator phone sign-in, OATH software token, OATH hardware token, FIDO2 security key, Windows Hello for Business, and Certificate-based Authentication.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.