Azure MFA Cloud : Abillity to remove specific sign-in option like Telephone for work
I've not heard two times from customers that they REQUIRE that they can manage / choose which authentication methods are available to users during the MFA enrollment proces.
The IT administrators would like to control the phone authentication numbers or limit access to the Azure Authenticator.
It would also be nice, if it would be posible to define different policies for specific users or group of users
We are working on something similar to this request that should be available for preview soon.
Peter Selch Dahl commented
You are correct. This feature request is also ment to "limiting the possible authentication method to some degree"
In regards to the values:
This would depend on where your object is originally created. For on-prem users the phone number will be sync'd from the users objects attribute "mobile" and "telephoneNumber"
See the attributes here: https://support.microsoft.com/en-us/kb/2256198
Correct me if I am wrong but that is only limiting the possible authentication method to some degree. But where is the value for the Office phone or mobile being drawn from.
And according to what Service?