April 5, 2016 1 Comment
This is a follow-up post to my article regarding Azure MFA used in an authorization workflow for MIM 2016. You can get some details on the scenario from that post.
As a limitation the Azure MFA SDK can only be used for Phone or SMS (one-way, two-way) authentication but not with the mobile app method. That’s because of mobile app uses a Web Service to get messages pushed and this one needs to be implemented with MFA-Server.
But I find it a neat solution to have an authorization task for an approval of group membership with using the mobile app. There are a couple of things needed to get this working:
- Azure MFA Server
- Installation of Web Service SDK
- Installation of Web Service for Mobile App
- Public Trusted Certificate (or Self Signed for demo lab like I did)
- Optionally: Azure MFA User Portal (For user registering mobile app with QR-Code)
I do not explain how to install these components because there is a lot of very good documentation out there. I used the following one which worked like charm: