![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 87%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGR%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,319 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 30%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Hello @Gabriel Rozzato ,
Thank you for reaching out Microsoft Q&A.
I understand that you want to disable Microsoft Entra ID (formerly known as Azure Active Directory) authentication for the users. Please correct me if I’m wrong.
To disable Microsoft Entra ID authentication for the users, you can use one of the following methods as mentioned below based on how you have enabled Multi factor Authentication for the users in your tenant.
- Disable via Per-User MFA
- Disable via Conditional Access Policy
- Disable via Security Defaults
- Disable via Identity Protection MFA registration policy.
If you are using Per-User Multi-Factor Authentication (MFA) to enforce MFA for the users, you can disable MFA for specific users by following the below mentioned steps:
Steps: Please sign in to Azure Portal using Global Administrator account and then select Microsoft Entra ID → Users.
- On the user's tab Select Per-user MFA
- Set the Multi-Factor Authentication State to Disabled.
If Conditional Access Policies enforces the users for Microsoft Entra ID Multi factor authentication, you can configure them to exclude specific users or groups that should bypass the MFA or if you don't want all the users in your tenant to use MFA, then you can completely disable the CA policy.
If Security Defaults are enabled in your Microsoft Entra ID tenant, it may enforce Microsoft Entra Multi factor authentication. You can disable Security Defaults entirely in your tenant. Steps to Disable Security Defaults:
- Sign in to the Azure Portal atleast as a Security Administrator → Microsoft Entra ID.
- Select Properties.
- Click Manage Security Defaults at the bottom.
- Set Security Defaults option to Disabled as mentioned in the below Screenshot and save changes.
Security Defaults apply to all users globally. If you disable Security Defaults entirely, no user will need to authenticate via MFA.
If the Multi factor Authentication has been enforced through Identity Protection MFA registration policy, you can disable it by following the below mentioned steps.
- Sign in to Azure portal atleast as a Security Administrator. Browse to Protection > Identity Protection > Multifactor authentication registration policy.
- Set Policy enforcement to Disabled.
- Select Save.
For additional information: Per user MFA, Conditional Access, Security Defaults. Configure the MFA registration policy - Microsoft Entra ID Protection | Microsoft Learn
Hope this helps. Do let us know if you any further queries.
If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Regards,
Goutam Pratti.