Forum Discussion
MFA setup for verifying my customer identity
Hi Ashkanscb,
Here are the steps to set up a basic web app for MFA verification using Azure:
Create and deploy a web app on Azure App Service: Utilize an existing web app or follow one of the quickstarts to generate and deploy a new web app on App Service.
Configure authentication and authorization: Enable authentication and authorization for the web app, employing Microsoft Entra ID as the identity provider.
Add an identity provider: Navigate to Authentication in your app's left menu, click "Add identity provider," and select Microsoft as the identity provider for Microsoft and Microsoft Entra identities.
Enable MFA for your application: Go to Identity > Protection > Authentication methods. In the Method list, choose Email OTP. Toggle on the Enable switch under Enable and Target. For Include, select All users under Target. Save your changes.
When the authentication/authorization module is activated, each incoming HTTP request goes through it before reaching your app code.
Tutorial - Add app authentication to a web app on Azure App Service - Azure App Service | Microsoft Learn
Tutorial - Add authentication to a web app on Azure App Service - Microsoft identity platform | Microsoft Learn
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)
Thank you,
That is nice.
Also, as I mentioned, our customers have MFA to verify their identity for current products.
Is there a way to verify their 6-digit code generated from the Microsoft Authenticator app?
For example:
I enter the user's email address into an Azure product, if there is any (in my admin panel), and the user tells me his/her 6-digit code and I will check if the code is valid or not.
Basically, how to validate the 6-digit code on behalf of the user?
- LeonPavesic, Jan 05, 2024, Silver Contributor
Hi Ashkanscb,
thanks for the update. Validating the 6-digit code generated by the Microsoft Authenticator app typically involves utilizing Azure AD's built-in capabilities. However, for security reasons, manually validating these codes on behalf of the user is not a standard practice. The codes are intended for use by the end-user as part of the Multi-Factor Authentication (MFA) process.
For identity verification, it is recommended to have the user complete the MFA challenge themselves to ensure the security of the process and prevent unnecessary sharing of temporary MFA codes.
If you need to determine which MFA method is assigned to users in Azure AD, you can do so through the Azure portal with global admin credentials. Navigate to Azure Active Directory, click on Security, and then access Authentication Methods. You can explore "User registration details" and "Registration and reset events" to view information about users' registration for specific authentication methods in MFA.
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If the post was useful in other ways, please consider giving it Like.
Kindest regards,
Leon Pavesic
(LinkedIn)
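
Added example (not part of the thread or of any poster's code): once the App Service authentication module sits in front of the app, the app can check that the user completed the MFA challenge themselves instead of collecting their code. It reads the `X-MS-CLIENT-PRINCIPAL` header that App Service authentication injects and looks for `mfa` among the sign-in's `amr` values. Assumptions: the token carries an `amr` claim, it is surfaced under one of the two claim types listed, and `headers` is a plain dict; the sample header is constructed.

```python
import base64
import json

# Claim types under which the token's "amr" values may be surfaced
# (assumption: this depends on token version and claim mapping).
AMR_CLAIM_TYPES = {
    "amr",
    "http://schemas.microsoft.com/claims/authnmethodsreferences",
}


def decode_client_principal(header_value):
    """Decode the base64 JSON carried in X-MS-CLIENT-PRINCIPAL, or None."""
    try:
        principal = json.loads(base64.b64decode(header_value, validate=True))
    except (ValueError, TypeError):
        return None
    return principal if isinstance(principal, dict) else None


def completed_mfa(headers):
    """True only if the authenticated sign-in recorded an MFA step."""
    value = headers.get("X-MS-CLIENT-PRINCIPAL")
    if not value:
        return False  # request did not pass through the auth module
    principal = decode_client_principal(value)
    if principal is None:
        return False  # malformed header: fail closed
    claims = principal.get("claims", [])
    if not isinstance(claims, list):
        return False
    amr = {c.get("val") for c in claims
           if isinstance(c, dict) and c.get("typ") in AMR_CLAIM_TYPES}
    return "mfa" in amr


def sample_header(amr_values):
    """Build a constructed header value for demonstration only."""
    claims = [{"typ": "name", "val": "customer@example.com"}]
    claims += [{"typ": "amr", "val": v} for v in amr_values]
    doc = {"auth_typ": "aad", "claims": claims}
    return base64.b64encode(json.dumps(doc).encode()).decode()


if __name__ == "__main__":
    for amr in (["pwd", "mfa"], ["pwd"]):
        hdr = {"X-MS-CLIENT-PRINCIPAL": sample_header(amr)}
        print(amr, "->", completed_mfa(hdr))
```

The header is only meaningful when the request actually arrived through App Service authentication; an app reachable by any other path should not rely on it.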