Forum Discussion
Azure Active Directory and ADFS support for Location based MFA ?
You can use the claims rules engine to create rules that will apply MFA only on external logins. You cannot however limit this to only specific workflows, such as SPO. If you have such requirements, Azure AD Conditional Access is your best option.
Thank you, i figured that as well regarding claim rules.
I have another question in the meantime though regarding the Conditional Access.
Does this should work as well with Federated IDs or just with Cloud only an PTA and SSO Synced AD Accounts?
I justed created a Conditional Access Rules which should require me to use MFA if im not coming from a Trusted IP Range and if accessing SharePoint Online from Browser but no other target in Browser and no Modern Authentication App and it seems not to work for federated IDs.
So for them i always have to use ADFS Claim Rules or is there something wrong with my Rule ?
Best regards
Ueli