Thank you Philip! We do have OOTB TOTP and IBM Verify Push notification. Was verifying if there are options to utilize. Initially I thought MSFT Graph QL API would be helpful but also did a check with MSFT and it won't work as per our requirement.
------------------------------
Bipin Dash
------------------------------
Original Message:
Sent: Tue December 12, 2023 01:45 AM
From: Philip Nye
Subject: ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access
Hey Bipin,
As far as I've seen - Azure/Entra MFA doesn't have a published 'REST' based interface or any practical SDKs. All their integrations are either by OIDC or otherwise.
As such, unfortunately - IMO integration outside of the Microsoft world is 'messy' and custom.
I'm aware of a number of projects that have investigated this, but I'm not aware of a pattern used to achieve this consistently.
You might consider migrating to Passkeys or similar - for a better user experience? And native capabilities in IBM Security Verify Access that don't consume/need Azure licenses.
------------------------------
Philip Nye
IBM
Gold Coast
Original Message:
Sent: Fri December 08, 2023 12:58 PM
From: Bipin Dash
Subject: ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access
Hello Team,
just wondering for any suggestions if there are any ways to leverage Azure MFA in IBM Security Verify Access (ISVA).
Description -
ISVA has the AAC poilcy which attached to SSO application resources.. when end user access any SSO apps, it prompts MFA for text message and voice. We use third party REST API end points for messaging and call back. Now we want to replace with azure MFA as we have enough licenses.
These users 1st factor authentication i.e. username/password is PTA to on-premise AD. OAuth/OIDC/SAML SSO apps are integrated in ISVA. Is there any complex or simplest way to utilize the azure MFA?
Any suggestions would be helpful.
Thanks,
Bipin
------------------------------
Bipin Dash
------------------------------