Forum Discussion
Guest accounts and MFA via Conditional Access in MS Entra
ok... This is an interesting one! Just FYI - I have migrated legacy per-user MFA to MS Entra just few days ago...
Not sure however how the scenario you described could affect GUEST account in our tenant (MFA was not enabled for them). I have also deleted the GUEST user completely so that it is re-created when accessing our sharepoint again -> didn't help either... However, it may be an issue in their tenant with per-user MFA....who knows :)
Anyway, I have enabled MFA Trust for their tenant and the issue is gone.... Was a strange issue, will try to investigate a bit more.... if I find anything, I will update here ;)
They can have per-user MFA enabled in their home tenant, but you have no visibility on that. If you are in contact with some admin on their end, you can have them check/reset the methods.
May I ask you somehting - as I am not 100% sure here and hope you may give me some more "light" into this.
If I do not have MFA trust enabled, and I have GUEST user that completed MFA, I would expect I can see some details in "Authentication methods" in MS Entra for that user? If I understand it properly, MFA for those GUEST (who I do not have MSF Trust enabled) should be managed in our tenant.... so in case there is an issue at some point, I should be able to force "RE-REGISTER" MFA?