Closed mpxgit closed 5 months ago
picman
commented
7 months ago Yes, it is supported. Check your plugin's settings and your app registration. The plugin itself has nothing to do with 2FA. It just hands over the authentication to Azure and waits for its callback to be called.
mpxgit
commented
7 months ago We have found a solution to force using the MFA. According to Microsoft OAuth 2.0 Protocol Extensions we added amr_values=ngcmfa to the 'Azure AD' authorize_url.
authorize_url: "/#{Setting.plugin_redmine_oauth[:tenant_id]}/oauth2/authorize?amr_values=ngcmfa",
Since ruby is not my language i don't think that this ist the correct way.
picman
commented
5 months ago I think that it is a good approach and you can modify the authorization URL using Custom provider in the plugin's settings.
Hello Kontron,
is the 2FA with Azure AD supported. We get the following error after login with username and password.
interaction_required: AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access.
Normaly the second authentication screen should appear.