Automatically enable MFA for all members of an Azure AD Group.
Add the ability to automatically enable MFA for all members of an Azure AD group as they are added, in addition ask if MFA should be automatically disabled for users being removed. This could be via an option within the users setting of an Azure AD group.
Robert Boyle commented
It is completely nuts that this isn't a basic feature of MFA. The fact that it has to be enabled per user is just crazy.
OMG comeon, this is a no brainer, has this been added yet?? It should be built.
Absolutely, this is a must for large enterprises. And even better, make it easy to enforce a method also (ie SMS/call/app notification) already, so we don't have to run a scheduled PS script to enforce this.
Gururaj Pandurangi commented
+1 for this.
Specially for 'Owners' and 'Subscription co-admins'.
Compliance policies require us to do that.
1) Please have MFA work with basic Azure AD (i.e. no Premium plans).
2) Allow to work with Azure AD application (even with Premium plans, the MFA are tied only to users, not AD App/Service Principals)