Requiring multi-factor authentication for on-premises Microsoft resources has been a difficult challenge, ever since Microsoft acquired PhoneFactor in 2012 and slowly but steadily turned its technologies into Azure MFA.
Today, we’re reaching the end of the line for one of the intermediate multi-factor authentication solutions: the Azure MFA SDK.
About the Azure MFA SDK
The Azure Multi-factor Authentication Software Development Kit (Azure MFA SDK) was a separately available download from the PhoneFactor portal. It allowed applications, systems and services to communicate to an application programming interface (API) to require multi-factor authentication using the Azure MFA infrastructure in Microsoft’s datacenters.
The Azure MFA SDK allowed developers to require multi-factor authentication, straight from their Perl, Ruby, PHP, ASP.Net and Java-based applications and services. Additionally, Microsoft offered integration between Microsoft Identity Manager (MIM)’s Privileged Access Management (PAM) and Self-service Password Reset (SSPR) features to require multi-factor authentication for role activation.
Azure MFA SDK End of Life
Today marks the end of availability for the Azure Multi-factor Authentication Software Development Kit (Azure MFA SDK):
As of today, calls made to the SDK will fail.
Call to Action
If your organization is still using the Azure MFA SDK, you need to migrate:
Azure MFA SDK for MIM
If you use the azure MFA SDK with Microsoft Identity Manager (MIM)’s Privileged Access Management (PAM) and Self-service Password Reset (SSPR) features, migrate to Azure MFA Server.
- Implement Azure MFA Server with the Azure MFA Server Web Service SDK component
- Upgrade Microsoft Identity Manager to version 184.108.40.206, or above
- Activate Privileged Access Management (PAM) by editing the MfaSettings.xml file.
More detailed instructions are available here.
Azure MFA SDK for customized apps
Consider integrating your app into Azure AD and use Conditional Access to enforce MFA. To get started, review this page.
HOWTO: Install Azure Multi-Factor Authentication (MFA) Server 220.127.116.11
Connecting to Azure MFA Server’s Web Service SDK using certificate authentication Supported Azure MFA Server Deployment Scenarios and their pros and cons
Using Azure MFA for activation for MIM Privileged Access Management (PAM)
Integrating Azure Active Directory with applications getting started guide
Use Azure Multi-Factor Authentication Server to activate PAM or SSPR