How can we improve Azure Active Directory?

MFA for the the Azure portal only

We use MFA for the Azure portal, but enabling this carries the MFA functionality to the entire Microsoft suite. This means not only portal.office.com, but all of our applications that use Azure AD, Skype, Exchange OWA, even Yammer! I opened a ticket and was essentially told MFA is all or nothing at this point.

6 votes
Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)

We’ll send you updates on this idea

Casey shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
(thinking…)
Sign in with: oidc
Signed in as (Sign out)
Submitting...
  • Ben Hatton commented  ·   ·  Flag as inappropriate

    Extending this, I can confirm that MFA via conditional access against "Microsoft Azure Management" also fails, as the setting will force MFA for (at least) powerapps.
    Get your act together please - perfoming an OAuth login or obtaining a token for Graph API is not Microsoft Azure Management - It's end-user interaction with AAD.

Feedback and Knowledge Base