2 votesPaul Hugill shared this idea ·
An error occurred while saving the commentPaul Hugill commented
I think this is helped with a new role called 'Authentication Policy Administrator'.
I looking for the same thing and actually stumbled on it by accident when I saw the policy listed for 'Manage MFA Settings' here:
I tested that out and it works, however it does give the ability to change actual MFA settings like the Block on Fraud Report and other things related to it, so it may still be too high level a role for what you need.
It should solve our purpose though and is definitely better than Global Admin.