Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
754
Views
0
Helpful
1
Replies

Duo for Azure AD not passing authentication back to the CA Policy

Brian.Edson1
Level 1
Level 1

‎09-01-2022 01:24 PM

Hello,

I have an issue with a Duo Implementation with Azure AD and a conditional access policy. For authentications with a Mobile phone app, the users are presented the login screen for Azure AD, enters the password, and then presented the Duo options. They push the prompt, and approve it. From there, the log in Azure shows that the MFA was not satisfied even though the user approved the login.

This works fine on workstations, laptops/desktops. Just on mobile phone apps that support Modern Authentication.

Help!

Labels:
0 Helpful
1 Reply 1

DuoKristina
Cisco Employee
Cisco Employee

‎09-14-2022 05:46 AM

Are the mobile users blocked from completing log in to Azure when this happens?

Do you also have any CA policies applied to mobile app sign-in with the “Require multifactor authentication” access control?

Azure does not recognize the Duo custom control for CA (or any third-party custom control) as “multifactor authentication”, so if you have a CA policy applied that includes the “Require multifactor authentication” rule, then it can’t be satisfied by third-party custom controls.

The information here describes Microsoft’s limitations for custom controls.

Duo, not DUO.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents