IDEE
← External MFA Integration (M365)

Script Method

πŸ“‹ Prerequisites

  • Global Administrator role on your Microsoft Entra tenant

  • A non-elevated PowerShell window (do NOT run as Administrator!)

  • Internet access to connect to Microsoft Graph

⚑ Step-by-Step Script Execution

Step 1: Run the Script

  1. Open a standard PowerShell window (right-click β†’ "Open PowerShell" – NOT as admin).

  2. Navigate to the folder containing the script.

  3. Run the script

Step 2: Authenticate as Admin

  • A browser window will pop up.

  • Log in with your Global Admin credentials.

  • Approve any consent prompts that appear.

Step 3: Provide the Client ID

  • After the first part completes, you'll be prompted to paste in the Client ID from your OIDC integration.

  • Right-click in the PowerShell window to paste it, then press Enter.

βœ… The script will now finish the configuration automatically.

πŸ”§ Post-Script Configuration

Once the script runs successfully, follow these steps to finalize the setup:

Step 4: Find the New App Registration

  1. Go to the Microsoft Entra Admin Center.

  2. Navigate to:
    Identity β†’ Applications β†’ App registrations

  3. Find the app named: AuthN by IDEE - EAM

  4. Copy the Application (client) ID πŸ“‹

Step 5: Update the E-MFA Method

  1. Go to: Authentication methods

  2. Find the AuthN by IDEE E-MFA method in the list.

  3. Click Edit (or open the method).

  4. In the Configure tab, paste the App ID you just copied.

  5. Click Approve or Save.

Step 6: Assign Users & Enable

  1. Go to the Target tab.

  2. Select the group of users who should have access to this E-MFA method.

  3. Toggle the Enable switch to On.

  4. Click Save.

EAMAutoDeployment.ps1