You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory-b2c/multi-factor-authentication.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,7 +8,7 @@ manager: CelesteDG
8
8
ms.service: active-directory
9
9
ms.workload: identity
10
10
ms.topic: how-to
11
-
ms.date: 12/09/2021
11
+
ms.date: 01/14/2022
12
12
ms.custom: project-no-code
13
13
ms.author: kengaderdus
14
14
ms.subservice: B2C
@@ -79,9 +79,9 @@ A customer account is created in your tenant before the multifactor authenticati
79
79
80
80
::: zone pivot="b2c-custom-policy"
81
81
82
-
To enable multifactor authentication, get the custom policy starter packs from GitHub as follows:
82
+
To enable multifactor authentication, get the custom policy starter pack from GitHub as follows:
83
83
84
-
-[Download the .zip file](https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/archive/master.zip) or clone the repository from `https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack`, and then update the XML files in the **SocialAndLocalAccountsWithMFA** starter pack with your Azure AD B2C tenant name. The **SocialAndLocalAccountsWithMFA** enables social, local, and multifactor authentication options, except the Authenticator app - TOTP MFA option.
84
+
-[Download the .zip file](https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/archive/master.zip) or clone the repository from `https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack`, and then update the XML files in the **SocialAndLocalAccountsWithMFA** starter pack with your Azure AD B2C tenant name. The **SocialAndLocalAccountsWithMFA** enables social and local sign in options, and multifactor authentication options, except for the Authenticator app - TOTP option.
85
85
- To support the **Authenticator app - TOTP** MFA option, download the custom policy files from `https://github.com/azure-ad-b2c/samples/tree/master/policies/totp`, and then update the XML files with your Azure AD B2C tenant name. Make sure to include `TrustFrameworkExtensions.xml`, `TrustFrameworkLocalization.xml`, and `TrustFrameworkBase.xml` XML files from the **SocialAndLocalAccounts** starter pack.
86
86
- Update your [page layout] to version `2.1.9`. For more information, see [Select a page layout](contentdefinitions.md#select-a-page-layout).
87
87
@@ -97,7 +97,7 @@ When an Azure AD B2C application enables MFA using the TOTP option, end users ne
97
97
1. Select **+ Add account**.
98
98
1. Select **Other account (Google, Facebook, etc.)**, and then scan the QR code shown in the application (for example, *Contoso webapp*) to enroll your account. If you're unable to scan the QR code, you can add the account manually:
99
99
1. In the Microsoft Authenticator app on your phone, select **OR ENTER CODE MANUALLY**.
100
-
1. In the application (for example, *Contoso webapp*), select **Still having trouble?** to show**Account Name** and **Secret**.
100
+
1. In the application (for example, *Contoso webapp*), select **Still having trouble?**. This displays**Account Name** and **Secret**.
101
101
1. Enter the **Account Name** and **Secret** in your Microsoft Authenticator app, and then select **FINISH**.
102
102
1. In the application (for example, *Contoso webapp*), select **Continue**.
103
103
1. In **Enter your code**, enter the code that appears in your Microsoft Authenticator app.
@@ -108,7 +108,7 @@ Learn about [OATH software tokens](../active-directory/authentication/concept-au
108
108
109
109
## Delete a user's TOTP authenticator enrollment (for system admins)
110
110
111
-
In Azure AD B2C, you can delete a user's TOTP authenticator app enrollment. Then the user would be required to re-enroll their account to use TOTP authentication again. To delete a user's TOTP enrollment, you can use either the Azure portal or the Microsoft Graph API.
111
+
In Azure AD B2C, you can delete a user's TOTP authenticator app enrollment. Then the user would be required to re-enroll their account to use TOTP authentication again. To delete a user's TOTP enrollment, you can use either the [Azure portal](https://portal.azure.com) or the [Microsoft Graph API](/graph/api/softwareoathauthenticationmethod-delete).
112
112
113
113
> [!NOTE]
114
114
> - Deleting a user's TOTP authenticator app enrollment from Azure AD B2C doesn't remove the user's account in the TOTP authenticator app. The system admin needs to direct the user to manually delete their account from the TOTP authenticator app before trying to enroll again.
0 commit comments