03-21-2025 12:37 AM
If I enroll or integrate my Azure AD with Cisco Duo for MFA, will third-party apps that rely on the Azure AD account also have MFA from Duo, since Office works with MFA?
03-21-2025 02:34 AM
Only if you connect that Specific application with the Microsoft Azure AD Single Sign On page information. but also are you talking about Microsoft AD integration as well?
Regards - NC
03-21-2025 02:50 AM
For example, I've already integrated Azure AD with Duo, and MFA is working when logging into office. However, for third-party apps that rely on the Azure AD account (e.g., Discord, which is integrated with Azure AD), will Duo MFA also work there? Or do I need to configure those apps separately using SSO in Duo?
03-21-2025 06:23 AM
There are multiple ways to protect Entra ID accounts with Duo. The answer to your question depends on the configuration used.
- Duo SSO (SAML): for any application, when a federated user enters their username which is in the Duo SSO federated domain Entra ID will redirect them to the external IdP (Duo) to sign in.
- Duo CA custom control and Duo EAM: You can selectively choose which applications to target in the conditional access policy that has the Duo custom control or EAM method.
05-12-2025 11:39 PM
Hi Kristina,
The configuration we used is Duo EAM. However, upon testing, the third paarty applications integrated with Entra ID accounts, there's no Duo MFA prompted.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide