search

Azure / ms-rest-nodeauth

node.js based authentication library for Azure with type definitions
MIT License
33 stars 33 forks source link

Multi-factor auth #93

Closed tfenster closed 4 years ago

tfenster commented 4 years ago

Is your feature request related to a problem? Please describe. I am using username/password based login, which works fine unless a user has multi-factor auth set up. In that case I get an error message like

{"error":"interaction_required","error_description":"AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '...'.

Is there any way to use username/password login with MFA?

Describe the solution you'd like Any way for user/password with MFA enabled

Describe alternatives you've considered None

Additional context I'm using ms-rest-nodeauth as part of a VS Code extension

daviwil commented 4 years ago

Hi @tfenster, according to the AAD documentation, multi-factor authentication is not allowed when using the username/password (ROPC) authentication flow:

If users need to use multi-factor authentication (MFA) to log in to the application, they will be blocked instead.

I'd recommend using the interactiveLoginWithAuthResponse method instead if it's possible in your scenario. AAD generally discourages applications from using the username/password flow due to security concerns.

tfenster commented 4 years ago

Thanks for the clarification