Forum Discussion
Derek Hymel
Sep 22, 2017 (Copper Contributor)
Bypass Azure MFA and Azure AD Connect Pass-Through Authentication
So here is a dilemma we are currently in. We are in the process of rolling out MFA to our user base and have close to 60 locations, all with different egress IPs. We want to bypass MFA when the use...
Paul Cunningham
Sep 24, 2017 (Iron Contributor)
If you have EMS licenses you could do device-based MFA bypass instead of network-based. The idea is that all networks are treated as hostile these days; there is no internal vs. external, etc.
Treat enrolled/compliant/domain-joined devices as not requiring MFA, and prompt for MFA on non-enrolled/non-compliant/non-domain devices. If you want to enhance that solution further you can add risk-based MFA prompts as well.
Daniel Park
Nov 17, 2017 (Copper Contributor)
Hi Paul,
I was wondering how to go about creating this MFA bypass by device status. Any help would be appreciated. And do you know if this would circumvent requiring an app password on the native iOS email client on Intune-enrolled devices?
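
The device-based approach in Paul Cunningham's reply can be expressed as a single Conditional Access policy whose grant controls are combined with OR, so a compliant or hybrid-joined device satisfies the policy without an MFA prompt and any other device must complete MFA. The following is an added example, not code from the thread; it assumes the Microsoft Graph PowerShell SDK, and the display name and the excluded emergency-access account ID are placeholders.

```powershell
# Added example (not from the thread). Assumes the Microsoft.Graph.Identity.SignIns module.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All'

# Placeholder (assumption): object ID of an emergency-access account kept out of the policy
# so a misconfiguration cannot lock every administrator out.
$breakGlassId = '<BREAK-GLASS-ACCOUNT-OBJECT-ID>'

$policy = @{
    # Constructed display name for this example.
    displayName = 'Require MFA unless device is compliant or hybrid joined'

    # Report-only first: sign-in logs show what the policy would have done
    # before it is switched to 'enabled'.
    state = 'enabledForReportingButNotEnforced'

    conditions = @{
        users          = @{ includeUsers = @('All'); excludeUsers = @($breakGlassId) }
        applications   = @{ includeApplications = @('All') }
        clientAppTypes = @('all')
        # No location condition: every network is treated the same, as the reply suggests.
    }

    grantControls = @{
        # OR means any one control grants access:
        #   compliantDevice    - Intune-enrolled and marked compliant
        #   domainJoinedDevice - hybrid Azure AD joined
        #   mfa                - the fallback for every other device
        operator        = 'OR'
        builtInControls = @('mfa', 'compliantDevice', 'domainJoinedDevice')
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy

# Read back what was stored to confirm the grant logic before enforcing it.
$created | Select-Object Id, DisplayName, State
$created.GrantControls | Select-Object Operator, BuiltInControls
```

Because the policy carries no trusted-location exclusion, the 60 egress IPs from the original question do not need to be maintained anywhere.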