Does DUO integrate with Microsoft Azure Active Directory B2C?

2
votes

I am reading about the DUO two-factor authentication extension for Microsoft Azure Active Directory, and the documentation is here. However, it doesn't seem that DUO is integrable with Azure AD B2C because these instructions are specific for Azure AD (for example, under the "Create the Duo MFA Custom Control" header, step #2 says "Go to Azure Active Directory -> Conditional Access"; yet the Azure AD B2C page in the portal doesn't have a Conditional Access tab).

Therefore, my questions are:

  1. How is DUO above different than the built-in multi-factor authentication Azure AD B2C solution?
  2. Does DUO integrate with Azure AD B2C or not?
2
azure-active-directoryazure-ad-b2cmulti-factor-authentication

2 Answers

4
votes

Duo is integrated with the conditional access feature that is available for the Azure AD "Enterprise" service.

This feature is not available for the Azure AD B2C service.

Azure AD B2C's multi-factor authentication provider is limited to the second-factor authentication of users by a phone call or a phone message.

Duo supports a phone call, a phone message, as well as a push notification to Duo's phone app.

You might be able to integrate Azure AD B2C with Duo using an Azure AD B2C custom policy and the Duo Auth API.

For an example of how Azure AD B2C can be integrated with a third-party multi-factor authentication provider, such as Authy, see the Wingtip custom policies and watch this walkthrough video.

1
votes

How is DUO above different than the built-in multi-factor authentication Azure AD B2C solution?

  • Duo Security

Duo Security is used to provide second form-factor authentication for remote access to our corporate information. It provides cloud-based two-factor authentication. Duo’s technology can be deployed to protect users, data, and applications from breaches, credential theft, and account takeover.

  • Microsoft Azure Multi-Factor Authentication

Azure Multi-Factor Authentication reduces organizational risk and helps enable regulatory compliance by providing an extra level of authentication. It is being used for custom applications and as a way to help secure them.

Generally, Duo Security is more popular than Microsoft Azure Multi-Factor Authentication. Some other details, you could refer to the articles, 1 and 2.

Does DUO integrate with Azure AD B2C or not?

It seems that DUO Security does not integrate with Azure AD B2C currently, I could not find the Conditional Access in my b2c tenant and any related official documentation.