MFA using IdP for conditional access M365

Philip Brusten philip.brusten at
Thu Feb 20 11:22:31 EST 2020


has anyone integrated their Shibboleth IdP software with a custom 
control using conditional access on MS Azure AD (requires premium p1 

(looks like OpenID connect is also involved ~ DiscoveryURL)

We provide a MFA solution on our IdP and would like to integrate it with 
M365 to avoid our users to use a 2nd solution using MS Authenticator.

This seems interesting as well, but not sure if this works with SAML2.0:

please confirm with the 3rd party MFA solution provider that the MFA 
solution cannot be configured to flow the 
authenticationmethodsreferences claim (with value multipleauthn) to 
Azure AD to indicate that MFA verification has been completed during 
user authentication

Is it just a matter of setting the AD FS claim 
with value "" when MFA 
has been performed?



More information about the users mailing list