Oct 06 2018
- last edited on
Jul 24 2020
We have recently implemented MFA with a conditional access policy. We turned off the ability to receive texts/calls and are forcing the Authenticator app. This is causing issues when users need to re set up the account in the Authenticator app. I have had multiple scenarios this week where the Microsoft Authenticator app has stopped displaying the approve/deny message. The end users try to fix the issue themselves and will remove their accounts from the app and try to reenroll by going to myapps.microsoft.com and restarting the setup process. The problem lies in that even though they are visiting the portal from devices that are excluded from MFA via conditional access (Compliant/Hybrid AD Joined) the myapps.microsoft.com portal is still enforcing MFA to log in. Since they have removed their account from the application they can not authenticate to the portal. There is no alternate method since Phone/Text are disabled.
In order to get the end user back into the portal I have to go to the regular MFA Setup page, enable phone calls or texts, enable and enforce MFA on the end user, and they can finally get in to re-set up the account.
All of this could be fixed with a one time bypass for cloud!
Oct 06 2018 12:06 PM
Definitely would like to see the one-time bypass feature in Azure MFA. As for the Authenticator, I've also seen it fail to bring up the approval, but usually when I manually open the app, it appears.
Oct 06 2018 01:13 PM - edited Oct 06 2018 01:14 PM
The problems should be divided into different parts:
It's better to use more than one authentication method and you can use the additional one with the phone call and it allows you to re-enroll.
Jul 18 2019 06:25 AM
I have an issue with MFA, my customers are setup to use Microsoft Authentication Mobile App, all of them have chosen to authenticate through the OATH token, they have been connecting successfully, but this week most of them are receiving this error "Unable to reach the server, please verify internet connectivity", the MFA server is up and running! but the amazing thing is they can reach other web-pages like google or Yahoo. What might be the issue?
Apr 07 2020 02:24 AM
@Eli Shlomo , for the benefit of other readers:
My approval notifications was not working on Android 9.0, because "Company Portal" application was being shut down by my phone battery optimization app, in the background. I had to white-list "Company Portal" application in the battery settings (both Android settings & DuraSpeed application settings, that comes with my version of Android by default). After that, starting Company Portal application again, Authenticator started to work as expected.
Apr 08 2020 07:21 AM
I found with my phone that the notifications had been set back to low priority, so no pop up and no sound. I had to go into the advanced set up to be able to change it back. Once i did that, I now get the notifications again. However, I now get three notification sounds after approving the request. Not sure why but much less of a problem than not receiving the request.
Apr 09 2020 12:19 AM
Oct 09 2020 06:49 AM
@Robert Woods I've been noticing issues where the Authenticator app will not pop-up notification while I'm connected to Wi-Fi but as soon as I disconnect and go to mobile connection, the notification pops-up immediately. This behavior doesn't make sense to me.
Aug 11 2021 10:30 PM
This really really helped me @Martin_Durec all I had to do it go to the Battery Optimizer settings, Select ALL Apps, and find the Authenticator + Google Authenticator apps which to my surprise were ON. I disabled them and I not can see the Approve and Deny pop ups for Microsoft Auth app. Much thanks mate!
Aug 18 2021 04:30 AM
Here, we suggest to try the following suggestions to see if it is working.
1. Restart the device and try again.
2. Try change the network to see if the result is different? For example, if we use WIFI. change it to mobile connection to see if it is working
3. Try to remove the account in Authenticator and try again to see if there's any different.
A related link for the reference:
Note: non-Microsoft link, just for the reference.
Please try the above suggestion and if there's any update, feel free to let us know.
Sep 10 2021 05:05 AM
Authentication app is not working correctly. It is grey out on the app so I cant get my code that I need.
Where do I change priority to higher so that I receive the notification.
Sep 10 2021 07:44 AM
On my Android phone, I go Settings > Notifications > Authenticator > All Notifications (under Categories) which opens which notifications make noise, which show on the lock screen etc.
You want importance sent to "URGENT: Make sound and pop on screen"
Sep 15 2021 02:15 AM