I'm trying to find out how to configure Trusted IPs to bypass Multi-Factor Authentication (MFA) verification when using the latest Authentication methods and Conditional Access setups. Previously, we were able to do this under the legacy MFA policy, but I'm not sure how it works now. Any tips or guidance would be greatly appreciated!
3 Answers
Thanks for that! I think I got it, but I’m gonna create a separate Conditional Access policy for the user accounts that need to bypass MFA at the Trusted Location (like a service account). Then I’ll set up another one for the rest of the users, excluding that service account. This wasn't possible before, but it seems doable now!
Just a heads up – make sure to apply exemptions on the policy! It’s really important so that admins and critical accounts still need to go through MFA to keep everything secure.
To set up Trusted IPs, head over to Conditional Access, then navigate to Named Locations. Create a new location for the IPs you want to trust. After that, go to your Conditional Access policy, click on Network, and then on the Exclude tab. From there, select 'Selected networks and locations' and choose the Named Location you created earlier.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures