ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access

View Only

Expand all | Collapse all

ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access

1. ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access

0 Like
Bipin Dash
Posted Fri December 08, 2023 12:58 PM

Reply
Hello Team,

just wondering for any suggestions if there are any ways to leverage Azure MFA in IBM Security Verify Access (ISVA).

Description -

ISVA has the AAC poilcy which attached to SSO application resources.. when end user access any SSO apps, it prompts MFA for text message and voice. We use third party REST API end points for messaging and call back. Now we want to replace with azure MFA as we have enough licenses.

These users 1st factor authentication i.e. username/password is PTA to on-premise AD. OAuth/OIDC/SAML SSO apps are integrated in ISVA. Is there any complex or simplest way to utilize the azure MFA?

Any suggestions would be helpful.

Thanks,

Bipin

------------------------------
Bipin Dash
------------------------------
2. RE: ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access

0 Like
Philip Nye
Posted Tue December 12, 2023 01:45 AM

Reply
Hey Bipin,

As far as I've seen - Azure/Entra MFA doesn't have a published 'REST' based interface or any practical SDKs. All their integrations are either by OIDC or otherwise.
As such, unfortunately - IMO integration outside of the Microsoft world is 'messy' and custom.
I'm aware of a number of projects that have investigated this, but I'm not aware of a pattern used to achieve this consistently.

You might consider migrating to Passkeys or similar - for a better user experience? And native capabilities in IBM Security Verify Access that don't consume/need Azure licenses.

------------------------------
Philip Nye
IBM
Gold Coast
------------------------------

Original Message
3. RE: ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access

0 Like
Bipin Dash
Posted Tue December 12, 2023 10:28 AM

Reply
Thank you Philip! We do have OOTB TOTP and IBM Verify Push notification. Was verifying if there are options to utilize. Initially I thought MSFT Graph QL API would be helpful but also did a check with MSFT and it won't work as per our requirement.

------------------------------
Bipin Dash
------------------------------

Original Message

IBM Security

Join our 16,000+ members as we work together to overcome the toughest challenges of cybersecurity.

IBM Security Verify

ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access

Bipin DashFri December 08, 2023 12:58 PM

Philip NyeTue December 12, 2023 01:45 AM

Bipin DashTue December 12, 2023 10:28 AM

1. ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access

2. RE: ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access

3. RE: ISVA - How can we leverage Microsoft provided MFA (Text,Voice & Authenticator APP) in IBM security verify Access

Join our 16,000+ members as we work together to
overcome the toughest challenges of cybersecurity.