SaibabaBalapur-MSFT
commented
2 years ago @si-chan Thanks for your feedback! We will investigate and update as appropriate.
Open si-chan opened 2 years ago
SaibabaBalapur-MSFT
commented
2 years ago @si-chan Thanks for your feedback! We will investigate and update as appropriate.
YashikaTyagii
commented
2 years ago @si-chan I have reviewed your suggestions and seems "Azure AD MFA and conditional access are included as part of the Premium P2 SKU, which is required for Azure AD PIM, so discussion of licensing is probably redundant here" is a correct statement. Also it is mentioned in the table for Feature comparison based on licenses. https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-mfa-licensing#feature-comparison-based-on-licenses
@amsliu could you provide your inputs On the second statement : "The MFA process description doesn't adequately explain whether a user who previously did MFA upon sign-in (potentially several hours ago) would still need to do MFA for their PIM elevation or whether their existing strong auth session would still be considered valid"
amsliu
commented
2 years ago @si-chan Thank you for your feedback. I am double checking this with our product team.
amsliu
commented
1 year ago amsliu
commented
1 year ago @YashikaTyagi-MSFT could you please re-assign this issue to the PM @ilyalushnikov? We are pending clarification from the product side. Thanks!
Azure AD MFA and conditional access are included as part of the Premium P2 SKU, which is required for Azure AD PIM, so discussion of licensing is probably redundant here.
The MFA process description doesn't adequately explain whether a user who previously did MFA upon sign-in (potentially several hours ago) would still need to do MFA for their PIM elevation or whether their existing strong auth session would still be considered valid.
Document Details
⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.