Forum Discussion
CBA, MFA, and AADSTS54008 Certificate is not supported as first factor
Greetings All, I'm trying to get CBA MFA working for Azure AD, exchange online specifically, but I can't get past the following error: AADSTS54008: Multi-Factor authentication is required and t...
When you configure CBA, you can define whether it's to be used as single- or multi-factor, so check for that. The Protection level toggle under auth methods > CBA > Configure.
Understood. I've set up two rules, which as I understand it, renders the toggle useless. I also have a conditional policy requiring MFA for the same users configured for Certificate-based authentication. If I remove the conditional access policy from the users, the authentication works and there is no error, but users can also sign in using their password only, which is unacceptable. I have to be missing something somewhere. As soon as I reinstate the conditional access policy, the error returns.