Enabling strong authentication scenarios

Initially, a user signs in from any device using their existing account credentials. If a user is signing into an on-premises application, the Multi-Factor Server that is installed at the customer's site intercepts the authentication request.

Tip

Authentication requests can be differentiated based on the location and the device trust level, such as managed (isManaged) or compliant (isCompliant).

First, it checks the username and password against the user directory. If the correct credentials are entered, a request is sent to the MFA cloud service. The service sends the authentication request to the user's phone. Once the user has been authenticated, they are instantly signed into the application. There are ...

Get Mastering Identity and Access Management with Microsoft Azure now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.