[English] Unblocking Azure MFA for an O365/AAD user

If for some reason (possibly a submitted fraud alert, or something going wrong during the initial MFA configuration) the user ends up in a blocked/inconsistent MFA state, the user won't be able to log in.

There are 2 ways to go, depending on the scenario:

If O365 Global Admin has an AAD Premium license

Go to O365 Portal > Users > Set Multi-factor authentication requirements: Set up > Service Settings > Manage advanced settings and view reports > Go to the portal

  • From Azure Multi-Factor Authentication portal > User Administration > Block/Unblock Users
  • If user is present as blocked: Proceed with unblock
  • If user is not present, MFA is enabled, and a CorrelationID is returned when accessing or DISABLING MFA for the user: Force a BLOCK on the user and then UNBLOCK him, DISABLE the user's MFA and re-enable it

If customer has a full Azure Subscription with O365 directory integrated

In Azure Portal > Add new MFA Auth Provider and link it to the O365 directory (Attention: if you keep this provider after unblocking the user and use MFA, charges might apply)

Go to AAD directories > O365 directory > Configure > Multi-factor authentication > Manage service settings > Service Settings > Manage advanced settings and view reports > Go to the portal

  • From Azure Multi-Factor Authentication portal > User Administration > Block/Unblock Users
  • If user is present and blocked: Proceed with unblock
  • If user is not present, MFA is enabled, and a CorrelationID is returned when accessing or DISABLING MFA for the user: Force a BLOCK on the user and then UNBLOCK him, DISABLE the user's MFA and re-enable it