MicrosoftMicrosoftYou didn't really answer the question from VasilMichev
In the link you provided there is the ID 00000006-0000-0ff1-ce00-000000000000 mentioned. But is this the right one? There seems to be one for the new admin portal URL admin.cloud.microsoft (618dd325-23f6-4b6f-8380-4df78026e39b). And there are some user services which use the ID 00000006-0000-0ff1-ce00-000000000000 like https://portal.office.com/account/.
Can you please clarify this? Thanks Georg
Hi @GeogAlthaus, An App ID can be associated to multiple URLs which may or may not be in-scope for MFA enforcement. A better way to look at this is that Microsoft will be enforcing MFA for the Microsoft 365 admin center which is accessed via the following URLs: 'portal.office.com/adminportal/home' , 'admin.cloud.microsoft' , or 'admin.microsoft.com'. Note that 'portal.office.com/account' is the 'My Account' page and is not in-scope.
Hi v-vasulkars , interesting. I've not seen information in any blog posts or articles that reference the MFA is scoped to URLs as well as App IDs. Do you have a full list of the URLs that are going to be targeted by the MFA, rather than the App IDs.
We're desperately trying to understand the scope of which users are going to be affected by this. We have ran impact reports and tried to create a report-only CA policy to understand the impact, neither of which would allow us to see URLs.
Hi @JonKilner, The URL's impacted are 'portal.office.com/adminportal/home' , 'admin.cloud.microsoft', or 'admin.microsoft.com'. Note that 'portal.office.com/account' is the 'My Account' page and is not in-scope.
The users that are impacted are notified through the Message center.
Thanks!
