Azure B2C: International Users not receiving MFA codes

Jackson, Chris 0 Reputation points
2024-07-24T00:02:51.62+00:00

We have been using Azure B2C as our customer SSO solution for almost 4 years now. That includes MFA via SMS and Phone Call. All of this has been implemented with Custom Policies.

Our primary user base is in the U.S. However, we are now attracting some non-U.S. customers. Unfortunately, while the MFA process works extremely well for U.S. phone numbers, users from other countries do not receive their MFA codes. So far this has been true for customers in Australia, Canada, Germany and Mexico.

When checking the sign-in logs, we see the MFA failures, often with an error showing the number is unreachable. However, when we text the individual directly via one of our phones, the messages get through.

Does anyone know of a setting, configuration or "trick" to allow us to send to international users?

Cheers.

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,836 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marilee Turscak-MSFT 36,811 Reputation points Microsoft Employee
    2024-07-25T23:37:06.3633333+00:00

    Hi @Jackson, Chris ,

    Thanks for sharing your experience. For international users, there are some formatting requirements for the phone numbers that are a bit different, and there are some feature backlog items to improve the experience. I would recommend having those users try these steps:

    • Have the user enter the phone number with a space added between the country code and dropping the leading zero. Example: +44 1234567890
    • Check the MFA logs. If you see an invalid phone input error (like "UserVoiceAuthFailedInvalidPhoneInput"), it usually means that there is an issue with the service provider reaching the MFA service.

    If neither of these options help, I would recommend creating a support case or sharing additional logs with me so that I can better troubleshoot. The support engineer will be able to look at your setup and isolate the issue to the service itself, the environment, or the service provider.

    If the information helped you, please Accept the answer. This will help us and improve searchability for others in the community who may be researching similar questions. Otherwise let us know if you have further questions.

    0 comments
  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more

  3. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.