We have a requirement to have B2C Authentication to log on to Appian. This initial logon will be without MFA. However, depending on the interface they access, we want to enforce MFA for accessing those user interfaces. Is there a way this can be achieved in Appian? Do we have the ability to access the token sent back from Azure B2C to check if MFA was done or not and then redirect them to reauthenticate with MFA?
You could simply ping the /me endpoint using the Graph API by using OAuth code grant.
https://learn.microsoft.com/en-us/graph/api/user-get?view=graph-rest-1.0&tabs=http
https://docs.appian.com/suite/help/24.1/Oauth_connected_system.html
To force them to reauthorize, you could invalidate the sign-in sessions.
https://learn.microsoft.com/en-us/graph/api/user-revokesigninsessions?view=graph-rest-1.0&tabs=http
Hope this helps.
Is it possible to read the claims returned for the user from Appian without syncing them to a user profile? Have you had any experience doing this, Mathieu Drouin?
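Added example (not part of the original thread, and not Appian or Microsoft code): a sketch of the step-up check the question describes, run by whatever component receives the B2C token. It assumes the tenant's policy emits `tfp` (or `acr`), `amr` and `auth_time`; the policy names, the 15-minute freshness window and the sample tokens are constructed for illustration.

```python
import base64
import json

# Hypothetical names of B2C policies that enforce MFA in this tenant (assumption).
MFA_POLICIES = {"b2c_1_signin_mfa"}

def decode_claims(token):
    """Decode a JWT payload. No signature check is done here: validate the
    signature, issuer and audience against the tenant's keys before this."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def mfa_satisfied(claims, now, max_age_s=900):
    """True if the claims show an MFA sign-in within the last max_age_s seconds."""
    amr = claims.get("amr", [])
    if isinstance(amr, str):
        amr = [amr]
    policy = str(claims.get("tfp") or claims.get("acr") or "").lower()
    did_mfa = "mfa" in amr or policy in MFA_POLICIES
    auth_time = claims.get("auth_time")  # missing auth_time counts as not fresh
    fresh = isinstance(auth_time, (int, float)) and 0 <= now - auth_time <= max_age_s
    return did_mfa and fresh

def access_decision(token, interface_requires_mfa, now):
    """Return 'allow' or 'step_up' (send the user back through the MFA policy)."""
    if not interface_requires_mfa:
        return "allow"
    return "allow" if mfa_satisfied(decode_claims(token), now) else "step_up"

def make_sample_token(claims):
    """Build a constructed, unsigned token for the demo (not a real B2C token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.constructed-signature"

NOW = 1_700_000_000  # fixed clock so the demo is deterministic
NO_MFA = make_sample_token({"sub": "u1", "tfp": "B2C_1_signin", "auth_time": NOW - 60})
WITH_MFA = make_sample_token({"sub": "u1", "tfp": "B2C_1_signin_mfa", "auth_time": NOW - 60})
STALE_MFA = make_sample_token({"sub": "u1", "amr": ["pwd", "mfa"], "auth_time": NOW - 3600})

if __name__ == "__main__":
    for name, tok in [("no_mfa", NO_MFA), ("with_mfa", WITH_MFA), ("stale_mfa", STALE_MFA)]:
        print(name, access_decision(tok, True, NOW))
```

The stale token shows why `auth_time` is checked as well as the MFA marker: an old MFA sign-in should not unlock a sensitive interface indefinitely.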