Closed ghost closed 4 years ago
This can be accomplished by adding the acr_values
query string parameter with a value of mfa
to the StartLogin method. When implemented the code would look like
StartLogin = (resourceUrl, state, display) =>
let
authorizeUrl = authorize_uri & "?" & Uri.BuildQueryString([
client_id = client_id,
redirect_uri = redirect_uri,
state = state,
scope = "offline_access https://graph.microsoft.com/.default",
response_type = "code",
response_mode = "query",
login = "login",
acr_values = "urn:microsoft:policies:mfa"
])
in
[
LoginUri = authorizeUrl,
CallbackUri = redirect_uri,
WindowHeight = 860,
WindowWidth = 1024,
Context = null
];
Feature Request
Is your feature request related to a problem? As a partner, who is required to authenticate using MFA, I am frustrated when the connector does not work as expected because the user account used to authenticate was not challenged for MFA due to way Identity Security Defaults works.
Describe the solution you would like The connector should require MFA