Last year, we started requiring multi-factor authentication (MFA) in Microsoft Advertising online. Multi-factor authentication is a security process that requires you to verify your identity in two different ways.
Soon we will require multi-factor authentication for all users who sign in through any third-party application that uses the Bing Ads API, Content API, and Hotel APIs.
Over the last several months most API clients have prepared for the enforcement of MFA. Due to a new developer requirement as explained below, we are extending the deadline from April 1st to August 1st, 2021.
When you sign in and allow third-party applications to access your Microsoft Advertising account, you’ll be asked to provide a second form of verification that matches the contact information in your Microsoft account profile. You’ll need to grant consent again for any third-party tools to access your Microsoft Advertising accounts.
Update your application to use the new msads.manage scope (coming soon) via the Microsoft Identity endpoint. All application developers must take action to use the new scope.
Upon enforcement of the MFA requirement, we will only authenticate access tokens on behalf of a user who passed through MFA via the new msads.manage scope on the Microsoft Identity endpoint.
The new msads.manage scope requires renewed consent from all users of your application. You must prompt users for consent using the new msads.manage scope after they have turned on multi-factor authentication. We recommend that you inform and guide users of your application to set up MFA right away.
Support for the new msads.manage scope including SDKs is coming in April. We’ll share updates via the blog and documentation as soon as its ready.
The GetUserMFAStatus service operation is now available and can be used to estimate the progress of MFA adoption by users of your application. The operation returns true if during calendar year 2021 the user passed through MFA via Microsoft Advertising online, Microsoft Advertising Editor, or Microsoft Advertising mobile. This is only directional and cannot guarantee they will pass through MFA while granting consent to your application.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.