Forum Discussion
MFA using Conditional Access VS Additional cloud-based MFA settings
We current have some IP Address Range exception and 14 days browser saving enabled in the "Additional cloud-based MDA Settings" will these setting work in combination with Conditional Access Policy? ...
Yes these 2 settings are additive. In the sense that most restrictive setting wins. If both allow, then MFA not needed. Hope this makes sense.
Also, basic MFA setting applies at tenant level, so be careful not to lock yourself out while testing it.
Also, basic MFA setting applies at tenant level, so be careful not to lock yourself out while testing it.
Vikram V can you confirm that the rule for resolving conflicts is that the most restrictive policy wins? I was told that whatever was configured in the "Additional cloud-based MFA settings" blade had precedence over any conditional access rule.
Also, I'm trying to find the documentation for this scenario, but haven't been successful so far.