Forum Discussion

Robert Woods's avatar
Robert Woods
Iron Contributor
Oct 06, 2018
Solved

Issues with Microsoft Authenticator not popping up Approval message

We have recently implemented MFA with a conditional access policy. We turned off the ability to receive texts/calls and are forcing the Authenticator app. This is causing issues when users need to re set up the account in the Authenticator app. I have had multiple scenarios this week where the Microsoft Authenticator app has stopped displaying the approve/deny message. The end users try to fix the issue themselves and will remove their accounts from the app and try to reenroll by going to myapps.microsoft.com and restarting the setup process. The problem lies in that even though they are visiting the portal from devices that are excluded from MFA via conditional access (Compliant/Hybrid AD Joined) the myapps.microsoft.com portal is still enforcing MFA to log in. Since they have removed their account from the application they can not authenticate to the portal. There is no alternate method since Phone/Text are disabled. 

 

In order to get the end user back into the portal I have to go to the regular MFA Setup page, enable phone calls or texts, enable and enforce MFA on the end user, and they can finally get in to re-set up the account. 

 

All of this could be fixed with a one time bypass for cloud! 

Access Management
Identity Management
  • Robert Woods's avatar
    Robert Woods
    Mar 16, 2022
    Thanks sophie this post is from oct 2018 I no longer need additonal comments from people on it.

40 Replies

Show More
  • notforprofit's avatar
    notforprofit
    Copper Contributor
    Feb 09, 2022
    On a side note, can you describe how you were able to define authentication methods per conditional policy? I haven't been able to figure that out.
  • Lashae1993's avatar
    Lashae1993
    Copper Contributor
    Feb 01, 2022
    I haven't been getting my verification notifications since I got my new phone a while back, and I couldn't get the code sent to my number then bc my old phone was messed up so I had to change the number to another phone to get the code and then it said that bc I have tried to many times it still wouldn't let me log into my account!! Which has been very aggrivating bc it's prevented me from not just all my important emails, but also from being able to get into my HP Desktop also!
  • Jackpunch's avatar
    Jackpunch
    Copper Contributor
    Jan 25, 2022

    Robert Woods I would like to see the one-time bypass feature in Azure MFA. As for the Authenticator, I've also seen it fail to bring up the approval, but usually when I manually open the https://apkchew.com/crunchyroll/, it appears.

  • NanookFieryArcticSkyy's avatar
    NanookFieryArcticSkyy
    Copper Contributor
    Dec 14, 2021

    Robert Woods Somehow I got mine to work.  I had to start app every now and then to get the MFA approval notifications, despite battery saver off for this app.  Maybe it was turning off wifi. I did find some more notification settings for the app when I drilled down further, maybe I mucked with one of those.  I did turn off "Smart Touch" which is a transparent soft button that floats across phone to switch from one open app to another.  It was in the way more than I used it so I turned it off.  I did change my tone for notifications so I knew it was "special". Reminds me of the Church lady on SNL!

  • ajshaw1984's avatar
    ajshaw1984
    Copper Contributor
    Sep 27, 2021

    Robert Woods I resolved this by first disabling iCloud backup within the authenticator app's own settings then removing the relevant MS account from the app, finally removing the authenticator app as an authentication method from the individual MS account management area web login.  Finally, add the account again and turn authenticator backup back on again. I am now receiving notifications as expected and all approvals are working.  

    • Norman_Nuernberger's avatar
      Norman_Nuernberger
      Copper Contributor
      Nov 24, 2021

      ajshaw1984 

      I was able to solve the issue by just disabling iCloud backup inside the app settings and re-enabling it. For me it was not required to remove settings or the whole app to solve it.

  • anita980's avatar
    anita980
    Copper Contributor
    Aug 18, 2021

    @https://release1.net/ 

    Here, we suggest to try the following suggestions to see if it is working.
    1. Restart the device and try again.
    2. Try change the network to see if the result is different? For example, if we use WIFI. change it to mobile connection to see if it is working
    3. Try to remove the account in Authenticator and try again to see if there's any different.

    A related link for the reference:
    https://github.com/MicrosoftDocs/azure-docs/blob/master/articles/active-directory/user-help/user-help-auth-app-faq.md
    Note: non-Microsoft link, just for the reference.

    Please try the above suggestion and if there's any update, feel free to let us know.

  • gregorywalker's avatar
    gregorywalker
    Copper Contributor
    Oct 09, 2020

    Robert Woods I've been noticing issues where the Authenticator app will not pop-up notification while I'm connected to Wi-Fi but as soon as I disconnect and go to mobile connection, the notification pops-up immediately. This behavior doesn't make sense to me.

    • MarcusNordlund's avatar
      MarcusNordlund
      Copper Contributor
      Jan 11, 2023
      To turn off the wifi/wi-fi really did the trick for me for my android device. Thank you!
  • AtlBritt444's avatar
    AtlBritt444
    Copper Contributor
    Apr 08, 2020

    I found with my phone that the notifications had been set back to low priority, so no pop up and no sound.  I had to go into the advanced set up to be able to change it back. Once i did that, I now get the notifications again.  However, I now get three notification sounds after approving the request. Not sure why but much less of a problem than not receiving the request.

     

    Paul

     

    • Renate_FourierSystem's avatar
      Renate_FourierSystem
      Copper Contributor
      Sep 10, 2021

      Authentication app is not working correctly. It is grey out on the app so I cant get my code that I need. 

      AtlBritt444 

       

      Where do I change priority to higher so that I receive the notification.

      • AtlBritt444's avatar
        AtlBritt444
        Copper Contributor
        Sep 10, 2021

        Renate_FourierSystem 

        On my Android phone, I go Settings > Notifications > Authenticator > All Notifications (under Categories) which opens which notifications make noise, which show on the lock screen etc.

        You want importance sent to "URGENT: Make sound and pop on screen"

    • Thijs Lecomte's avatar
      Thijs Lecomte
      Bronze Contributor
      Apr 09, 2020
      I noticed the sounds too after approval.

      It seems this cam with an update of the app
  • Eli Shlomo's avatar
    Eli Shlomo
    MVP
    Oct 06, 2018

    Hi  Robert,

     

    The problems should be divided into different parts:

    • Microsoft Authenticator app has stopped displaying the approve/deny message
      • Check if your devices get notifications when the app is open or closed
      • Check if the verification codes in the app are working when notification doesn't
      • Check if notification through a mobile app is enabled or disabled
      • If you tried all of these steps and are still having issues, you must check the mobile log files for diagnostics.
      • The app notification issue appear on iOS and Android?
    • Portal is still enforcing MFA
      • Check what is the reasons with Azure AD Sign-in logs and check which conditional still required the MFA and why
      • Do you've some policies for registered devices? if yes it may affect your user behavior

    It's better to use more than one authentication method and you can use the additional one with the phone call and it allows you to re-enroll.

     

    Eli.

    • Martin_Durec's avatar
      Martin_Durec
      Copper Contributor
      Apr 07, 2020

      Eli Shlomo , for the benefit of other readers:

       

      My approval notifications was not working on Android 9.0, because "Company Portal" application was being shut down by my phone battery optimization app, in the background. I had to white-list "Company Portal" application in the battery settings (both Android settings & DuraSpeed application settings, that comes with my version of Android by default). After that, starting Company Portal application again, Authenticator started to work as expected.

    • Mirriam's avatar
      Mirriam
      Copper Contributor
      Jul 18, 2019

      Eli Shlomo

      Hi Eli

      I have an issue with MFA, my customers are setup to use Microsoft Authentication Mobile App, all of them have chosen to authenticate through the OATH token, they have been connecting successfully, but this week most of them are receiving this error "Unable to reach the server, please verify internet connectivity", the MFA server  is up and running! but the amazing thing is they can reach other web-pages like google or Yahoo. What might be the issue?

  • VasilMichev's avatar
    VasilMichev
    MVP
    Oct 06, 2018

    Definitely would like to see the one-time bypass feature in Azure MFA. As for the Authenticator, I've also seen it fail to bring up the approval, but usually when I manually open the app, it appears.

    • Ann__410's avatar
      Ann__410
      Copper Contributor
      Sep 15, 2021
      I initially registered my MFA Account on a different device but I don't have an access to it any longer. I tried to download the MS Authenticator App on my new phone but it's not showing any Approval Alert nor Authentication code. Please help.Thank you.

Resources