If a user receives an authentication prompt on their mobile device and REFUSES to authenticate, this generates a fraud alert that Microsoft sends to the global administrators. It also locks their account on the Azure side, meaning they will be unable to sign in or approve any authentication requests. This is different from a user account being locked in Active Directory, and it requires you to unblock their account in the Azure (Entra) admin center. Before unblocking, check the sign-in logs on their user profile for the location and IP address of the sign-in request, and confirm with the user that they were actually the one who denied the request.
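The sign-in log check described above can be scripted against an exported copy of the user's sign-in logs. The following is an added example, not part of the original note: it assumes records shaped like the Microsoft Graph `signIn` resource, and the sample records, IP addresses and the `triage_signins` helper are constructed for illustration.

```python
import json

# Constructed sample records, shaped like the Microsoft Graph signIn resource.
# IPs come from documentation ranges; "ZZ" is a placeholder country code.
SAMPLE_SIGNINS = json.loads("""
[
 {"createdDateTime": "2024-05-01T08:02:11Z", "ipAddress": "198.51.100.10",
  "location": {"city": "Denver", "countryOrRegion": "US"},
  "appDisplayName": "Office 365", "status": {"errorCode": 0}},
 {"createdDateTime": "2024-05-02T08:05:40Z", "ipAddress": "198.51.100.10",
  "location": {"city": "Denver", "countryOrRegion": "US"},
  "appDisplayName": "Office 365", "status": {"errorCode": 0}},
 {"createdDateTime": "2024-05-03T02:14:09Z", "ipAddress": "203.0.113.77",
  "location": {"city": "Example City", "countryOrRegion": "ZZ"},
  "appDisplayName": "Azure Portal",
  "status": {"errorCode": 500121,
             "failureReason": "Authentication failed during strong authentication request."}}
]
""")

def triage_signins(records):
    """List failed sign-ins and mark those from an IP or country that never
    appears in the user's successful sign-ins (errorCode 0)."""
    ok = [r for r in records if r["status"]["errorCode"] == 0]
    known_ips = {r["ipAddress"] for r in ok}
    known_countries = {(r.get("location") or {}).get("countryOrRegion") for r in ok}
    findings = []
    for r in sorted(records, key=lambda rec: rec["createdDateTime"]):
        if r["status"]["errorCode"] == 0:
            continue
        loc = r.get("location") or {}
        findings.append({
            "time": r["createdDateTime"],
            "ip": r["ipAddress"],
            "place": f'{loc.get("city", "?")}, {loc.get("countryOrRegion", "?")}',
            "app": r.get("appDisplayName", "?"),
            "error": r["status"]["errorCode"],
            "new_ip": r["ipAddress"] not in known_ips,
            "new_country": loc.get("countryOrRegion") not in known_countries,
        })
    return findings

if __name__ == "__main__":
    for f in triage_signins(SAMPLE_SIGNINS):
        note = "unfamiliar IP/location" if f["new_ip"] or f["new_country"] else "seen before"
        print(f'{f["time"]} {f["ip"]} {f["place"]} {f["app"]} err={f["error"]} ({note})')
```

The output gives you the time, IP and location to read back to the user when you confirm whether they were the one who denied the prompt.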


Multifactor authentication - Microsoft Entra admin center