search

Gerenios / AADInternals

AADInternals PowerShell module for administering Azure AD and Office 365
http://aadinternals.com/aadinternals
MIT License
1.2k stars 210 forks source link

No MFA Prompt for Get-AADIntAccessTokenForAADGraph #47

Closed firefox15 closed 1 year ago

firefox15 commented 1 year ago

I might be missing something obvious, but I cannot seem to get the Azure access token for tenants that require MFA. I get the Modern Authentication prompt when I execute the following cmdlet, but it simply doesn't ask me for an MFA code after email and password, so then it gives me an error.

Sample code:

$accessToken = Get-AADIntAccessTokenForAADGraph -Resource urn:ms-drs:enterpriseregistration.windows.net

Response after email and password are prompted via Modern Auth:

Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access . . .

Is there anyway to force the authentication prompt to allow me to enter the MFA code?

firefox15 commented 1 year ago

For whatever reason, it appears that "Enforcing" the MFA prompt from Azure AD allows the prompt to come up when running the cmdlet. While this is weird to me, it does work, so I'm closing this.