The Azure MFA SDK stops working today

Reading Time: 2 minutes

Azure Multi-factor Authentication

Requiring multi-factor authentication for on-premises Microsoft resources has been a difficult challenge, ever since Microsoft acquired PhoneFactor in 2012 and slowly but steadily turned its technologies into Azure MFA.

Today, we’re reaching the end of the line for one of the intermediate multi-factor authentication solutions: the Azure MFA SDK.

About the Azure MFA SDK

The Azure Multi-factor Authentication Software Development Kit (Azure MFA SDK) was a separately available download from the PhoneFactor portal. It allowed applications, systems and services to communicate to an application programming interface (API) to require multi-factor authentication using the Azure MFA infrastructure in Microsoft’s datacenters.

The Azure MFA SDK allowed developers to require multi-factor authentication, straight from their Perl, Ruby, PHP, ASP.Net and Java-based applications and services. Additionally, Microsoft offered integration between Microsoft Identity Manager (MIM)’s Privileged Access Management (PAM) and Self-service Password Reset (SSPR) features to require multi-factor authentication for role activation.

Azure MFA SDK End of Life

Today marks the end of availability for the Azure Multi-factor Authentication Software Development Kit (Azure MFA SDK):

Azure MFA SDK End of Support Timeline

As of today, calls made to the SDK will fail.

Call to Action

If your organization is still using the Azure MFA SDK, you need to migrate:

Azure MFA SDK for MIM

If you use the azure MFA SDK with Microsoft Identity Manager (MIM)’s Privileged Access Management (PAM) and Self-service Password Reset (SSPR) features, migrate to Azure MFA Server.

  1. Implement Azure MFA Server with the Azure MFA Server Web Service SDK component
  2. Upgrade Microsoft Identity Manager to version, or above
  3. Activate Privileged Access Management (PAM) by editing the MfaSettings.xml file.

More detailed instructions are available here.

Azure MFA SDK for customized apps

Consider integrating your app into Azure AD and use Conditional Access to enforce MFA. To get started, review this page.

Further reading

HOWTO: Install Azure Multi-Factor Authentication (MFA) Server       
Connecting to Azure MFA Server’s Web Service SDK using certificate authentication    Supported Azure MFA Server Deployment Scenarios and their pros and cons     
Using Azure MFA for activation for MIM Privileged Access Management (PAM)  
Integrating Azure Active Directory with applications getting started guide    
Use Azure Multi-Factor Authentication Server to activate PAM or SSPR

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.