Azure AD B2C Conditional access policy

Introduction

A conditional access policy is a powerful feature that provides flexibility in enforcing security controls based on specific conditions, such as user risk, device compliance, or geographic location.

In this article, we will explore how to configure a Conditional Access Policy in Azure AD B2C to bypass Multi-Factor Authentication (MFA) for specific users or scenarios.

Configure Conditional Access Policy

Step 1. Log in to the Azure AD B2C tenant.

Step 2. Go to Azure AD B2C -> select Conditional Access under the Security blade.

Step 3. Select New Policy and give the policy a name. I called it "bypass MFA".

Step 4. Under Assignments, select Users. Include all users, and add the user who should bypass MFA to the Exclude section; the policy then applies to everyone except that user.

Step 5. From Target resources, select the resources/cloud app where this policy should be applied.

Step 6. Under Access controls, select Grant -> Grant access, and select Require multifactor authentication.


Step 7. Apply the conditional access policy to the user flow.

Step 8. Enforce the conditional access policies.

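Every user excluded this way is an account that can sign in to the targeted apps without MFA, so such exclusions should be inventoried regularly. As an added example that is not part of the original article, the following audit check walks a list of Conditional Access policies in the shape Microsoft Graph returns from GET /identity/conditionalAccess/policies and reports each enabled MFA policy that carries user or group exclusions. The policy JSON is constructed sample data with placeholder IDs, and the assumption that a B2C tenant exposes its policies in this Graph shape is mine.

```python
import json

# Constructed sample, mimicking Microsoft Graph's conditionalAccessPolicy objects.
# The user, group and application IDs are placeholders, not real tenant values.
SAMPLE_POLICIES = json.loads("""
{
  "value": [
    {
      "displayName": "bypass MFA",
      "state": "enabled",
      "conditions": {
        "users": {"includeUsers": ["All"],
                  "excludeUsers": ["00000000-0000-0000-0000-000000000001"],
                  "excludeGroups": []},
        "applications": {"includeApplications": ["11111111-1111-1111-1111-111111111111"]}
      },
      "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}
    },
    {
      "displayName": "report-only MFA",
      "state": "enabledForReportingButNotEnforced",
      "conditions": {
        "users": {"includeUsers": ["All"], "excludeUsers": [], "excludeGroups": []},
        "applications": {"includeApplications": ["All"]}
      },
      "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}
    }
  ]
}
""")


def requires_mfa(policy):
    """True when the policy's grant control includes the built-in MFA control."""
    grant = policy.get("grantControls") or {}
    return "mfa" in (grant.get("builtInControls") or [])


def mfa_exclusions(policies):
    """Return {displayName: [excluded user/group ids]} for every *enabled* policy
    that requires MFA and excludes someone. Report-only policies are skipped
    because they enforce nothing, so their exclusions have no effect yet."""
    findings = {}
    for policy in policies.get("value", []):
        if policy.get("state") != "enabled" or not requires_mfa(policy):
            continue
        users = (policy.get("conditions") or {}).get("users") or {}
        excluded = list(users.get("excludeUsers") or []) + list(users.get("excludeGroups") or [])
        if excluded:
            findings[policy["displayName"]] = excluded
    return findings


if __name__ == "__main__":
    for name, ids in mfa_exclusions(SAMPLE_POLICIES).items():
        print(f"{name}: {len(ids)} exclusion(s) from MFA -> {ids}")
```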

Summary

We have seen how to configure Azure AD B2C Conditional Access to selectively bypass Multi-Factor Authentication (MFA) for individual users. This guide gave step-by-step instructions for creating a policy that requires MFA for all users while excluding specific ones, so that user-specific MFA exemptions can be granted without removing MFA for everyone else.

