Forum Discussion
Solved
Azure AD MFA with Conditional Access Policy
Hi All, I'm planning on implementing Azure AD MFA with a conditional access policy. I have gone through all the steps and have a good understanding on the process. However I have bit of a grey a...
- So, the following is from the Session Controls within a CA policy - "Time period before a user is asked to sign-in again when attempting to access a resource. The default setting is a rolling window of 90 days, i.e. users will be asked to re-authenticate on the first attempt to access a resource after being inactive on their machine for 90 days or longer".More information can be found at - https://docs.microsoft.com/en-gb/azure/active-directory/conditional-access/howto-conditional-access-session-lifetimeSo I would think that you can work on the principle that after 2 hours of inactivity, they will be prompted for sign in, and at this point, they will be challenged to register for MFA.
So, the following is from the Session Controls within a CA policy - "Time period before a user is asked to sign-in again when attempting to access a resource. The default setting is a rolling window of 90 days, i.e. users will be asked to re-authenticate on the first attempt to access a resource after being inactive on their machine for 90 days or longer".
More information can be found at - https://docs.microsoft.com/en-gb/azure/active-directory/conditional-access/howto-conditional-access-session-lifetime
So I would think that you can work on the principle that after 2 hours of inactivity, they will be prompted for sign in, and at this point, they will be challenged to register for MFA.