Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

Notify User of MFA Failure

Copper Contributor


    I am searching high and low for a way to send a notification email to a user when an MFA failure occurs for their account.  So far all I can find is in Cloud App Security where I was able to create a policy match for MFA failure alerts and send an email to our admin group but what we want to do is notify the USER if THEIR account has an MFA failure event.  I tried Flow but there doesn't seem to be any triggers for Cloud App Security or MFA at all and I am not versed in writing custom triggers with API calls etc.. Does anyone have any insight on the ability to send this type of notification email on MFA failure? 

2 Replies
Hi Tom. We are about to roll out MFA and had the same question about being able to alert the user too on a failed attempt. Could you share any info or a screenshot perhaps if how you created the policy match for MFA failure alerts to your admin team?
Hi Tom

As you indicating that API's are your thing implementing a Logic app would be more suitable as allot of the connectors already exist.
You could create a logic app that checks every hour for users that have failed mfa attempts and for each user he finds you can send them an email with the logs and the message to your linking.

This will require a deeper dive into logic apps, but it should be possible to get the job done.