Scenario: you enable multi-factor authentication (MFA) for a user in Office 365, they go through and configure it but then they keep getting prompted for credentials in Outlook and can’t proceed.
Additional Symptom:
The prompt box is the old school type and not the modern authentication style.
Fix:
Modern auth may be disabled on the tenant.
Run this PowerShell against the tenant:
Get-OrganizationConfig | Format-Table Name,OAuth* -Auto
If it gives false, modern auth needs enabled and this is your issue.
Run this to enable it. Takes affect nearly immediately and no negative impact:
Set-OrganizationConfig -OAuth2ClientProfileEnabled $true
Jason works as a project specialist at an IT MSP in Erie, Pennsylvania, USA. He’s an IT/security professional with 19 years experience.