How to get Azure MFA for 1:12 ratio external users?

New Contributor

A client assigned me to find IDM/IAM solutions including SSO and MFA for both their ~250 internal as 3.000 external users, i.e. a 1 to 12 ratio.


We looked into the Azure MFA pricing model since it's quite an impact to purchase 3250 per-user licenses instead of just the 250 internal users. On the other side, a per-authentication model (10 per bundle) leads to unpredictable cost, especially if some hack tool generates a gazillion failed attempts.


So our main question is how to properly license Azure MFA for 250 internal users and 3000 external users? The underlying questions we have:


  1. Does the 1 user : 5 licenses ratio in an Azure B2B scenario only apply to Azure AD Premium or also to Azure MFA standalone?
  2. Is there a possibility to mix a per-user license model for the 250 internal users and a different model for the 3.000 external users? (maybe even the 'free' MFA for Office 365 when they go there)
  3. What does Microsoft do/bill in a per-authentication model if e.g. a robot generates a substancial amount of (failed) MFA transactions?
  4. Any chance there's some sort of External Connector cloud variant for Azure MFA?

Thanks for all your thoughts and answers!


With kind regards,


0 Replies