Microsoft Office 365 and Entra ID

Microsoft Entra ID and Office 365 support external MFA providers, such as Deepnet DualShield MFA, in 2 different ways:

• Federated Authentication 
• External Authentication Method (EAM)

Federated Authentication is a legacy solution that Microsoft provided in the past. It can only be implemented at the domain level, and it does not fully support Entra ID Conditional Access Policies. In contrast, the External Authentication Method is a modern authentication method that Microsoft provided recently. It can be implemented at any level, including user, group, and domain, and it fully supports Conditional Access Policies in Entra ID.

Therefore, we recommend the External Authentication Method (EAM) over Federated Authentication.

• Office 365 MFA via External Authentication Method
• Office 365 MFA via Federated Authentication