Add check box option to exclude guest users from enrolling for MFA in Azure AD Identity Protection
We want the option to exclude guest users from MFA.
There is a check box option in Conditional Access to exclude Guest users from a policy, but not in MFA registration within Azure AD Identity Protection. Therefore guest users are still prompted to enroll for MFA (but excluded from MFA actions). As a workaround we have to create a group (i.e. 'All users'), add all AD users in to that group, and choose to include that group only for MFA registration.
Wey, Stefan commented
Identity Protection | MFA registration policy
Create an Exclude and add a Dynamic Group with the Following Rule syntax (user.userType -eq "Guest")
Coralie Young commented
We would like this option also, but we do not want to maintain a All Users group.