Introduction:

When you send a verification request to someone's Microsoft Authenticator app, you may see an error message in MSP Process saying that the user has a different "Preferred Auth Method" specified. In this situation, the user will not receive your verification request.

The goal of this KB article is to show you where in M365 you can go to modify a user's preferred authentication method.

Example of the Error:

Steps to resolving the Error:

1. Login to the Microsoft Entra admin center (https://entra.microsoft.com/?l=en.en-us) as a user who has the rights need to modify someone's identity in Entra
2. Navigate to Protection -> Authentication methods
   • 
     
3. Under the Monitoring section, click on User Registration Details
   • 
     
4. Click on the user who's preferred authentication method you want to modify
5. In the MFA Status card, click on Manage MFA Authentication methods
   • 
     
6. Click on the pencil icon that allows you do edit the Default sign-in method
   • 
7. Choose Microsoft Authenticator from the drop-down menu
   • 
8. Click the Save button, and you're done!

Introduction

Microsoft's Authenticator app is a great tool to use when verifying someone's identity through the MSP Process platform - it's more secure than just sending an SMS message, it can leverage additional biometric security mechanisms like Apple's FaceID, and it's convenient - your end-users likely already have the Microsoft Authenticator app on their phone.

In order for the MSP Process platform to send a push notification to your end-users, there are configuration steps that must be taken within that end-user's M365 tenant. This KB article will guide you through those steps.

Prerequisites

• Your end-user's M365 tenant must have an Entra P1 license (or higher) assigned to it
• You must have a set of credentials for your customer's M365 tenant that have Cloud Application Administrator permissions.

Configuring an M365 Tenant

The following steps must be done for each M365 tenant.

1. Login to the MSP Process UI (https://app.mspprocess.com)
2. Navigate to Integrations -> Security Integrations
3. Click the Add New Integration button
   1. 
4. Click on Microsoft Authenticator
   
   1. 
      
5. In the Microsoft window that appears, sign-in to your customer's M365 tenant
6. Follow the prompts to provide MSP Process with the required permissions; when that's completed, you'll be brought to the following page:
   1. 
7. Click the Tap to finish onboarding button
8. You'll be brought back to the MSP Process UI

At this point, you've setup MSP Process to use Microsoft Authenticator to verify the end-users in that M365 tenant with their Microsoft Authenticator app. You'll now see Microsoft Authenticator available as an option within your PSA:

ConnectWise/Halo PSA:

Autotask: