Enable per user MFA bypass for Azure MFA (Cloud) make this both temporary and permenant based on settings
Currently per user bypass is not capable in Azure MFA (Cloud only) this can be done using the Azure MFA on premise server. This functionality make Azure MFA more usable for a end user community that often loses or forget cell phones and need temporary bypass. Also using Azure MFA with NPS/Radius there is no way to allow services accounts that do network equipment monitoring to avoid Azure MFA if we want to enable MFA to access critical network infrastructure or VPN using radius this would help this scenario too
Miguel H commented
For service accounts exceptions, I need Microsoft to allow the NPS MFA Extension to evaluate the RADIUS 'Calling-Station-ID' attribute to see if the service account is coming from an expected IP address. This should be a registry setting in addition to the existing IP Exceptions (HKLM\SOFTWARE\Microsoft\AzureMfa > IP_WHITELIST value) which don't work as the radius client itself is a network device, so whitelisting those would allow all users to login to those devices without MFA.
Alek Geldenberg commented
This is NECESSARY! Please, add this feature.
would be great to have solution for service accounts
I concur, please add this feature
Please add this feature.
Please add this feature!