ghost
commented
4 years ago This can be accomplished by adding the acr_values query string parameter with a value of mfa to the StartLogin method. When implemented the code would look like
StartLogin = (resourceUrl, state, display) =>
let
authorizeUrl = authorize_uri & "?" & Uri.BuildQueryString([
client_id = client_id,
redirect_uri = redirect_uri,
state = state,
scope = "offline_access https://graph.microsoft.com/.default",
response_type = "code",
response_mode = "query",
login = "login",
acr_values = "urn:microsoft:policies:mfa"
])
in
[
LoginUri = authorizeUrl,
CallbackUri = redirect_uri,
WindowHeight = 860,
WindowWidth = 1024,
Context = null
];
Feature Request
Is your feature request related to a problem? As a partner, who is required to authenticate using MFA, I am frustrated when the connector does not work as expected because the user account used to authenticate was not challenged for MFA due to way Identity Security Defaults works.
Describe the solution you would like The connector should require MFA