identity space

gwendal55 Well, I think you need to contact your vendor (Apria) in order to figure out how to connect the gateway with Azure AD. If you are working for Apria.. you might want to get in touch with MS directly (Developer Support).

The website http://www.apriarsa.fr/public/portal/public/apriarsa.html does not provide much information to me personally (might be wrong) .. anyway I can not speak/read french. 

Microsoft Conditional Access has the capability to integrate with "custom controls". See documentation here.

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/controls#custom-controls-preview

Apria is not explicitly listed here... RSA (https://community.rsa.com/docs/DOC-81278) yes.

Providers currently offering a compatible service include:

• https://duo.com/docs/azure-ca
• https://www.entrustdatacard.com/products/authentication/intellitrust
• https://mobileconnect.io/azure/
• https://documentation.pingidentity.com/pingid/pingidAdminGuide/index.shtml#pid_c_AzureADIntegration.html
• https://community.rsa.com/docs/DOC-81278
• https://docs.secureauth.com/pages/viewpage.action?pageId=47238992#
• https://www.silverfort.io/company/using-silverfort-mfa-with-azure-active-directory/
• https://help.symantec.com/home/VIP_Integrate_with_Azure_AD
• https://resources.eu.safenetid.com/help/AzureMFA/Azure_Help/Index.htm
• https://www.trusona.com/docs/azure-ad-integration-guide

This basically requires the Apria Secure Gateway solution to be registered in Azure AD (usually an App Registration + Conditional Access Custom Control config).  I have personally configured this scenario with Ping Identity (PingID) as 2FA provider and can say it works as expected.