0

I want to validate user credential from Azure AD. It works for users who haven't enable MFA.but MFA enabled users getting below error.

Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access

So it need a way to ignore MFA ,when we accessing though the graph API

this is my code.

     var values = new Dictionary<string, string>
        {
        { "grant_type", "password" },
        { "client_secret", appKey },
        { "client_id", clientId },
        { "username", userName },
        { "password", password },
        { "scope", "User.Read openid profile offline_access" },
        };

        HttpClient client = new HttpClient();
        string requestUrl = $"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token";
        var content = new FormUrlEncodedContent(values);

        var response = client.PostAsync(requestUrl, content).Result;

        if (response.IsSuccessStatusCode)
        {
            return true;
        }
        else
        {
            return false;
        }
Improve this question
1
  • Yes the grant type you are trying is not supported for MFA that's why user who enabled MFA are getting that error. Commented Apr 9, 2020 at 4:27

1 Answer 1

Reset to default
1

The correct way to validate user credentials is have the user authenticate interactively through a browser. This will allow them to go through MFA, login through federation with ADFS etc. And most importantly, the users do not have to give their password to your app.

The flow you are trying to use only exists in the spec as an upgrade path for legacy applications. Its usage becomes essentially impossible once MFA is enabled.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.