- User uses the Azure Application proxy url for the MIM Portal.
- Proxy forces user to log into Azure.
- Azure forces MFA verification for the user.
- Azure directs to the internal MIM Portal
You have published MIM Portal via the Azure Application proxy. See this blogpost.
Deploy Azure MFA on MIM Portal
Go to the Azure Portal
Click on Users, click on MFA
Click on service settings, select options and save
Send the MFA setup url to the users to register for MFA
Setup Conditional Access policy
Go to Security, click Conditional Access
Click on New Policy
Give the policy a Name
Click on users and groups and select users
Click on Cloud app and select MIM Portal
Click on grant and select MFA. Save the policy
Access MIM Portal via Application proxy external url
User in the conditional policy enters the url. Prompted for verification
Enter the code from your phone and MIM Portal website is shown