Skip navigation
Product & Engineering

Announcing Duo’s Native MFA For Microsoft’s Microsoft Entra ID


  • Many organizations are migrating their identity (Azure Active Directory) and productivity (Office 365) workloads to the Microsoft cloud.
  • Credential theft and vulnerable devices continue as top security concerns in the age of cloud and BYOD. Organizations want to ensure that security investments in these areas will continue to protect them as they make this move.
  • Organizations can now use Duo’s authentication natively within Azure AD.
  • Duo’s authentication for Azure AD is available on Duo MFA, Duo Access and Duo Beyond editions.

In the past few years, we’ve seen a major movement of workloads shift from traditional on-premises infrastructures to the public cloud. While moving to the cloud has clear benefits, one of the top concerns we continue to hear from companies is their ability to keep existing security investments as they migrate.

Simplifying Identity Solutions to Securely Connect to Cloud Apps

For example, configuring authentication and federation for cloud services is not a trivial task. Most organizations are migrating from existing directory solutions, so they must deploy complex identity bridges like Microsoft Active Directory Federation Services (ADFS) or third-party Identity-as-a-Service (IDaaS) solutions to connect a variety of cloud applications with their on-premises directories. This led to additional administrative burden for IT and security teams, while frustrating end users with inconsistencies in how they access their work resources.

What if there was a way to use a single identity source for all your cloud and internal applications, while providing a consistent, seamless authentication and access experience for your end users? Over the past year, Duo and Microsoft have been working together to provide just that.

Today, we are excited to announce that Duo will be offering native multi-factor authentication within Azure AD. This means that organizations can now select Duo as their preferred authentication and access management provider for users accessing cloud applications connected to Azure AD.

Duo’s Access Policies for Securing BYOD Environments

The full breadth of Duo’s security checks and policies are available to Azure AD customers to help them mitigate risks associated with credential theft and BYOD environments. How does it work?

  • In Azure AD, administrators simply select Duo as their secondary authentication provider for specific applications.
  • Then within Duo, administrators can customize more granular access policies based on the security hygiene of the user and device.
  • For example, an administrator will be able to ensure that only people who have completed Duo’s two-factor authentication with up-to-date devices can access their Office 365 accounts; and they can do all this without deploying ADFS or other IDaaS solutions.

Duo MFA Access Controls in Azure AD

Duo + Microsoft = Safe, Fast Migration to the Cloud

Duo is always looking for ways to safely enable customers to embrace cloud and mobile technologies; this integration with Microsoft Azure AD is another great example of helping organizations move to the Microsoft cloud faster and safer than ever before.

Duo’s authentication for Azure AD is available for all Duo MFA, Duo Access and Duo Beyond customers. Duo’s authentication for Azure AD is available for Azure AD Premium P2 customers.

You can learn more about Duo’s integration with Azure AD in the following ways: