Share via

Add extra authetication methods in Entra

Sharon01 61 Reputation points
2024-10-09T13:45:55.8033333+00:00

Hi ,

In Entra , if i filter for a user -->Authentication method , i can see the user is capable with 2 authntication methods . I use Powershell to filter , since Entra won't show which is availble .

ExtensionData IsDefault MethodType

System.Runtime.Serialization.ExtensionDataObject True OneWaySMS

System.Runtime.Serialization.ExtensionDataObject False TwoWayVoiceMobile

In the Tenant , MFA with Authenticator App is enabled for all users. But still some users dont have this . How can I add this authentication method for those users.

Either via intune or via Powershell command

I see that Microsoft Authenticator as a Non-usable authentication methods for the user .

Expand table

Authentication method****DetailExpand table

Microsoft AuthenticatorMicrosoft AuthenticatorMicrosoft AuthenticatorWhy this shows . In the Tenant it is enabled for all users

Thanks

PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,529 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,824 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Raja Pothuraju 6,590 Reputation points Microsoft Vendor
    2024-10-14T19:34:02.06+00:00

    Hello @Sharon01,

    Thank you for posting your query on Microsoft Q&A.

    Based on your description, it seems that you're trying to add an additional authentication method in Entra, but for some users, the Microsoft Authenticator appears under "Non-usable authentication methods." You would like to move it to the "Usable authentication methods" section. Below is a screenshot from my test tenant for reference.User's image

    Cause: This occurs if users did not complete the setup or failed to verify the 2-digit number that appears after scanning the QR code in the Authenticator app during MFA setup.

    User's image

    After scanning the QR code in the Microsoft Authenticator app, when users click "Next" on the setup page, they will be prompted with a 2-digit number to verify the registration.

    User's image

    If the user does not verify the registration and, for some reason, returns to the previous page or skips the MFA setup with the Microsoft Authenticator app, it will appear under the "Non-usable authentication methods" tab in the user's profile.

    Solution: To move it to the "Usable" section, you can require the affected users to re-register for multi-factor authentication. For this, click on "Require re-register multifactor authentication" for all users whose methods are listed under "Non-usable authentication methods." On their next sign-in, they will be prompted to re-register for MFA, or they can visit aka.ms/mfasetup to complete the setup using the Microsoft Authenticator app.

    User's image

    I hope this information is helpful. Please feel free to reach out if you have any further questions.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Thanks,
    Raja Pothuraju.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.