Trigger manual MFA Request for user via PowerShell or other tool?
Does anyone know if there is a way to manually trigger an MFA request for a user via PowerShell or another tool? The use case is that we would like to try and use Azure MFA as a means of identity validation, this is needed because of some legacy applications or other scenarios where we simply need to verify identity and would like to use Azure MFA for this as opposed to implementing a new MFA tool.
The perfect solution would use the sms method by default and automatically send an MFA code to a user of our choosing via the script/tool so they could read the response back to us to enter in a form to see if valid as proof of identity.
Does anyone know if something like this would be possible via PowerShell or another cmdlet/tool?
To my knowledge this is not possible - Azure MFA does not work as a standalone notification system, it is extending the authentication in AzureAD.
If your applications would use AzureAD, or could be integrated with AzureAD (Quickstart: Add an application to your tenant - Azure AD | Microsoft Docs) you could then also use AzureMFA for the authentication.
So it all depends on what authentication system those apps are using - if it can be integrated with AzureAD, you can integrate it with AzureMFA. Manually triggering the notification via SMS or OATH is afaik not possible, at least not exposed as PowerShell or API option.
Get consultations form Technical Presales & Deployment services team via https://aka.ms/technicalservices