Dec 12 2022 06:58 AM
We are testing utilizing Conditional Access policies to recognize the InsideCorporateNetwork claim by configuring the 'Skip multi-factor authentication for requests from federated users on my intranet' MFA setting.
We currently do not use Microsoft Authenticator and require that users be on-net to authenticate (inside the bricks, VPN, etc.); however, we are finding that when users have Microsoft Authenticator on their mobile device and their account gets added to Authenticator after logging in to a Microsoft App on the device, when they change networks, Authenticator goes into a loop and users lose access to their apps. Jumping back on the network where the original authentication occurred seems to fix the problem. Is there any configurable way around this?
Dec 20 2022 09:18 AM