appalling22

Reputation: 117

AzureAD custom multi factor auth

I've got a single-page application that currently uses Azure AD B2C authentication to allow users to sign in, and then uses the auth cookies to talk directly to internal services. There is now a requirement that we use two-factor auth on top of the existing AD auth. We've already rolled our own 'second factor' auth, and we need to be able to integrate with that (I'd much rather use the built-in MFA that Azure provides, but for this question assume that isn't an option).

Our issue is that we don't want to call our MFA service until the user has authenticated successfully with AD - but of course, once they have, they are already authenticated, and it's too late.

When Azure AD hands back to us via the callback (we are using CookieAuthenticationEvents), is there any way to defer the access token being available until our own second factor auth step succeeds?

Upvotes: 1

Views: 163

Answers (1)

Tony Ju

Reputation: 15619

Just as juunas suggested, try to use custom policies, which are designed primarily to address complex scenarios.

Reference:

Custom policies in Azure Active Directory B2C

Upvotes: 1
