Sep 08 2017 05:36 AM
We are looking at maybe switching our MFA tokens from one token provider to another. Rather than making that switch all at once, we would like to do it in a staged manner. I am wondering if it's possible to control with groups what authentication provider is used for a user if an RP is configured for MFA?
We currently are running ADFS on Windows 2012R2.
Sep 08 2017 10:13 AM
Solution: You will have to use some custom solution for that; AD FS will display/allow all available MFA methods.
Sep 11 2017 06:49 AM - edited Sep 11 2017 06:49 AM
I kind of figured that but figured no harm in asking.
Thanks!
Sep 11 2017 11:03 PM
I have a similar requirement. We implement an MFA for ADFS and also use the Microsoft MFA solution.
We want to let a specific group use our own MFA and others use Microsoft MFA.
Employees won't want to select which MFA they need since they will be confused.
Is there more information about how to do it to make the login page automatically select the MFA provider for the user?
Sep 12 2017 12:05 AM
That you can control with claims rules. Just make sure to send the http://schemas.microsoft.com/claims/authnmethodsreferences claim or you will get login loops.
Look up "SupportsMFA" to get more info, here's one good post: https://blogs.technet.microsoft.com/bulentozkir/2016/05/01/office-365-customers-who-have-adfs-instal...