Add support for the Microsoft Authenticator app in B2C
Enable the Microsoft Authenticator app to be used for 2FA in Azure B2C.
We are looking to add additional MFA options for Azure AD B2C in the next few months. As part of the investigation, we want to learn more about your requirements. Email your feedback to firstname.lastname@example.org.
When you say “support for Microsoft Authenticator”, which feature are you referring to?
1. The ability to see the codes in the authenticator app
2. The ability to receive push notifications for MFA
If both, which do you prefer more?
Again, please email your feedback to email@example.com. Feel free to include more details about your scenarios/requirements!
We are currently developing the time based one-time-passcode (TOTP) based MFA for both built-in and custom policies. This will allow end users to enroll in TOTP based MFA for second factor authentication using any authenticator app of their choosing including Microsoft Authenticator. We will announce the dates for public preview soon.
Already integrated the standard TOTP mechanism into our B2C custom policy but having push notifications as well would be a big improvement.
> When you say “support for Microsoft Authenticator”, which feature are you referring to?
> 1. The ability to see the codes in the authenticator app
> 2. The ability to receive push notifications for MFA
Whichever of those would be a significant improvement.
Personally, I'd have a minor preference on TOTP / codes approach but also push notifications would be great.
Is this still not enabled ?
Any info on this?
Joel M commented
This should be a basic feature and not a special request.
Any news? This should be as simple as selecting the 'Email' option or the 'SMS or Phone Call' option that exists already. Also it should support both push notifications to the app and totp.
Michael Gugler commented
Are there any news on the implementation? The "Need-Feedback" status is 2 years old?
Katz Sakai commented
Alex Weinert from Microsoft Identity Division says "It's Time to Hang Up on Phone Transports for Authentication"
Then, why don't you support Microsoft Authenticator as a build-in feature in Azure AD B2C?
Christiaan Basson commented
Preference for push notification to MS Authenticator app.
Having solid support for TOTP (general) should be a given and not a special request.
An update from MS would also be most welcome as the documentation at https://docs.microsoft.com/en-us/azure/active-directory-b2c/custom-policy-multi-factor-authentication suggests this now support standard Azure MFA - which absolutely support TOTP and push notifications...
Syed Mustafa Shah commented
I am looking for an easy setup of AD B2C MFA with Authenticator App. I would like to have easy setup with build in support like user flows or sample custom policies etc.
Moreover, would like to use the codes in Auth app as primary feature to use.
Last but not the least is conditional access for some users.
Mathieu Malenfant commented
On my side, I'd like to be able to authenticate using MS Authenticator instead of a text message. I'd also like to be able to set MFA as conditional for some users.
Lawrence Dwight commented
No movement in years? Clearly Microsoft isn’t serious about Azure AD B2C...
it's been 3 years, and no updates?
Michal Piatek commented
Ideally add generic support for all the TOTP authenticator apps.
Any update on this one, please?
Norman Noonan | Flextime commented
I would like clarity in relation to charging for MFA with ADB2C. Currently the documentation states that charges apply when utilising only Voice or SMS.
This would imply using the Authenticator app to implement MFA with ADB2C will not incurr a charge.
Will North commented
will the authenticator app be supported soon and will there be a charge per MFA?
Ewan Crowe commented
We need the push notification ideally but both options would be good.
Bert Haggren commented
Both options is a must for us.
Marco Rentier commented
Will Microsoft Authenticator app becoming available in the AD free tier ( https://www.microsoft.com/security/blog/2019/11/04/microsoft-announces-new-innovations-in-security-compliance-and-identity-at-ignite/ ) make it easier to roll out this feature?