1,242 votes241 comments · Azure Active Directory » Multi-factor Authentication · Flag idea as inappropriate… · Admin →
This feature is now on the roadmap. The MFA team is planning to adjust admin roles or create a new role that will allow delegation of MFA registration and credentials to an admin role.
An error occurred while saving the commentChris commented
Just as a heads up. Requiring Global Admin so Help Desk users can unblock (not just enable/disable) MFA for non privileged users causes a situation where Azure Active Directory does NOT meet the HITRUST Least Privileged requirements...so this can cause your organization to fail a HITRUST audit.
This MUST be fixed.