BMS Admin | Email Parser | Disabling MFA for an email parser user

Question

How do I disable MFA for the email parser user?

Answer

OAuth 2.0 does not work with MFA when the application type is a background service with no manual interaction. MFA is built for manual user interaction to provide MFA code and authenticate.

For the users who are concerned about disabling the MFA for the email parser user, they can simply do it by IP Address. Only requests coming from the BMS servers with OAuth token requests can bypass MFA, and this will remove the concerns. This can be done as follows:

  1. Log into Microsoft admin portal (https://admin.microsoft.com/adminportal/home/).
  2. Click Users > Active Users.

    disable_MFA_email_parser1.PNG
  3. Next, click Multi-Factor Authentication.

    disable_MFA_email_parser2.PNG
  4. Select the user whose MFA is enabled and then click service settings. You will be taken to a different page.

    disable_MFA_email_parser3.PNG
  5. Under Trusted IPs, click in the text box and type the IP address or range of addresses that you want to exclude from MFA based on the BMS server used.
    • US BMS (bms.kaseya.com) IP Address: 52.144.52.4/32
    • UK BMS (bmsemea.kaseya.com) IP Address: 212.54.132.109/32
    • APAC BMS (bmsapac.kaseya.com) IP Address: 13.55.204.127/32
    • Vorex ( vorexlogin.com ) Server IP Address: 52.144.52.202/32
    • This way you will be able to set up the email parser for the O365 account which is enabled with the MFA.

      disable_MFA_email_parser4.PNG
  6. Click Save.

Related Article

OAuth2.0 for Microsoft O365 with PSA email parser

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us
Provide feedback for the Documentation team!