π Troubleshooting Tip: EAM Not Showing as an Option
If users don't see your External Authentication Method (EAM) as a sign-in option, here's a quick fix to check!
π‘οΈ Tip 1: Configure a Conditional Access Policy for MFA
This ensures users are prompted for MFA, which is often required before the EAM option appears.
Go to the Microsoft Entra Admin Center.
Navigate to:
Protection β Conditional Access β PoliciesClick + New policy.
Give your policy a descriptive name (e.g., "Require MFA for EAM Users").
Assignments > Users: Select the same group you added to your EAM configuration.
Target resources: Select All resources (or choose specific apps for testing).
Access controls > Grant:
Select Grant access
Check the box for Require multifactor authentication
Click Select
Set Enable policy to On.
Click Create.
Test it out! Have a user in the group log in. After entering their username and password, they should now see the EAM option. π
π Tip 2: Check Authentication Strengths Settings
If the EAM option is still missing, the authentication strength configuration might be blocking it.
In the Entra Admin Center, go to:
Protection β Authentication methods β Authentication strengthsFind and click on Microsoft Authenticator.
Click the Configure tab.
Important: Ensure all options are set to Enabled instead of Microsoft Managed.
"Microsoft Managed" means Microsoft decides when to show the option, which can sometimes hide your EAM.
Click Save.
