Other Integrations & Connections

Office365 User MFA in Vanta

  • Updated

 

What is Vanta looking for?

How can I test this?

  • If the "IsMfaRegistered" field returns false, Vanta will show that the user does not have MFA enabled for their account. Ensure that the user has MFA turned on and that it is registered for their account.

 

Potential Issues

  • Something that could cause "isMfaRegistered" to return false is if "Legacy MFA" is being used.

You can check and change this setting in Microsoft 365 admin center (You must be a Global admin to manage MFA):

  1. In the Microsoft 365 admin center, in the left navigation choose Users > Active users.
  2. On the Active users page, choose Multi-factor authentication.
  3. On the multi-factor authentication page, if you see Multi-Factor auth status as Enabled, it means you are using legacy MFA for this user. So, you need to disable it.
  4. To disable the legacy MFA, you need to select each user and set their Multi-Factor auth status to Disabled.
    • If you use legacy MFA for users, these records cannot be retrieved via Graph API. If you want to enable MFA for your user, you need to go to the below link, and add a new method: https://mysignins.microsoft.com/security-info

MicrosoftSecurity.png

  • Once these settings are modified, the Graph API should return the correct MFA status for these users.

Was this article helpful?

Have more questions? Submit a request