ADFS 2016 & Multiple MFA providers

Copper Contributor

Currently running ADFS 2016 with Duo as our MFA provider. We are planning to move to O365 MFA, and would like to do it in a phased migration. A quick test shows that if both providers are selected in the configuration, the user is prompted to select which provider to use.  Two questions, 1) is there a way to customize this selection screen? and 2) is there a way to define which provider a user is taken to based on group membership in AD? Thanks. 

2 Replies

Depends, you might be able to force a specific method via claims rules (see for example here:, but if multiple providers use the same method, you'll have to edit the aspx/js files.

@Chris KincaidThe best way I've found is to upgrade to ADFS 2019, raise the FBL, and then follow advice from