Microsoft
MicrosoftHi Sadie Henry In the old standalone mfa registration process, administrators could enable/disable mfa methods a-la-carte in the legacy Azure AD mfa settings screen - including enabling phone while disabling SMS. In converged registration - in the interrupt mode - it looks like users always have the choice of mobile app (push and passcode), phone/voice, and SMS. It looks like the converged-interrupt mfa registration screen does not honor either the legacy mfa settings screen or the sspr settings screen. i.e. if i disable phone/sms methods in the legacy mfa config screen and the sspr config screen, users are still presented phone/voice and sms options in the converged-interrupt registration screen. Will the methods presented be configurable? And will it permit discreet selection of phone/voice versus SMS? Thanks!
EDIT: ok - i take that back. Looks like it does honor the mfa and/or sspr auth methods config. Not sure which yet. but it looks like it can take 10-15 minutes before config changes become effective.
