1

Is it possible to have multiple, user-selectable registration methods when users sign up for multi-factor authentication (MFA) in Azure AD B2C? E.g., primary and secondary MFA registration methods.

Here is an example:

Azure AD MFA Registration Methods

We know it is possible to have a single user-selectable MFA registration method as exemplified here:

But we are having trouble determining how to configure multiple user-selectable MFA registration methods.

Any insight is appreciated.

Thanks!

HXK8
  • 41
  • 4

1 Answers1

0

Note that: With user flows, only one authentication method can be selected while enabling MFA.

I created an Azure AD B2C user flow and enforced MFA like the below:

enter image description here

The user gets the prompt while signing in like below:

enter image description here

If you want to configure other authentication methods then, you must update the user flow by the authentication methods based on your requirement.

Note: There are limited customization possibilities for user flows, hence you can make use of custom policies to configure MFA.

For sample,

An authenticator app must be installed by the user on a device that belongs to them. The user uses the authenticator app to manually enter a code or scan a QR code on their initial sign-up or sign-in. The user enters the TOTP code that displays on the authenticator app on subsequent sign-ins. For more in detail on how to configure MFA using custom policies refer to the below MsDoc:

MsDoc1

MsDoc2 - by Sandeep G-MSFT

Sourav
  • 814
  • 1
  • 9
  • Thanks Sourav. Does this mean custom policies allow multiple MFA authentication methods? If so, are these methods user-selectable or must be defined in the custom policy flows? – HXK8 Apr 21 '23 at 21:41
  • @HXK8, AFAIK these are not user selectable they must be configured in custom policies. – Sourav Apr 25 '23 at 03:54