Hi dear community !
I have a .NET application that is integrated with D365 FO deployed on-prem.
Previously, I had an issue to get the access token from ADFS because MFA was enabled.
Now after we modified the MFA groups on ADFS into 2 groups:
1st group that has the MFA policy enabled
2nd group that has 1 user with no MFA policy (because I want to use this user for the integration)
After I did the above modification, I was able to get the access token from ADFS.
But now when I try to call a D365 FO API using this token, I get an HTML code as a response that represents a sign in page asking for a user name and password and also having a hyper link that says /Azure Multi-Factor Authentication/.
In D365 FO > System Administration > Set-up > Azure Active Directory Application (Microsoft Entra ID),
I added a new record with the client ID I got from ADFS application registration (the same client ID I'm getting the token with) and I selected the user that is inside the ADFS group that has MFA disabled and has System Admin role in D365.
I heard that MFA is not supported for on-prem deployments of D365 FO... But the problem is that the MFA is a requirement from the security team...and i'm unable to do my integration.
Do we really need to turn off the MFA?
Or I do need to add more parameters to the API calls?
Please note that the application is working fine successfully in environments that does not have the MFA enabled.
Any advice is appreciated.
Thanks in advance !