How to grant permissions for resetting 2FA for O365 accounts

<p>If you have the need to grant permissions for resetting 2FA for O365 accounts this guide should help&period;<&sol;p>&NewLine;<p>Until recently&comma; in order to reset 2FA permissions for O365 or Microsoft 365 users&comma; your account had to be a member of the Global admin group&period; Finally&comma; Microsoft has added the built-in role to grant non-global admins permissions for resetting 2FA for users without giving them additional unnecessary permissions&period;<&sol;p>&NewLine;<p>Here&&num;8217&semi;s how to do it&colon;<&sol;p>&NewLine;<p>Navigate to <a href&equals;"https&colon;&sol;&sol;portal&period;azure&period;com&sol;" target&equals;"&lowbar;blank" rel&equals;"noopener noreferrer">Azure Portal<&sol;a> of your tenant&period; From the home screen navigate to <strong>Azure Active Directory<&sol;strong>&period;<&sol;p>&NewLine;<p>In the left pane click on <strong>Roles and Administrators<&sol;strong>&period; In the right pane click on <strong>Privileged authentication administrator<&sol;strong>&period;<&sol;p>&NewLine;<p><img class&equals;"alignnone wp-image-3970 size-full" title&equals;"grant permissions for resetting 2FA for Office 365" src&equals;"https&colon;&sol;&sol;www&period;wincert&period;net&sol;wp-content&sol;uploads&sol;2020&sol;11&sol;2fa-permissions&period;png" alt&equals;"grant permissions for resetting 2FA for Office 365" width&equals;"602" height&equals;"102" &sol;><&sol;p>&NewLine;<p>Click on <strong>Add assignments<&sol;strong> and add your users&period;<&sol;p>&NewLine;<p><img class&equals;"alignnone wp-image-3971 size-full" title&equals;"grant permissions for resetting 2FA for Office 365" src&equals;"https&colon;&sol;&sol;www&period;wincert&period;net&sol;wp-content&sol;uploads&sol;2020&sol;11&sol;2fa-permissions-2&period;png" alt&equals;"grant permissions for resetting 2FA for Office 365" width&equals;"469" height&equals;"40" &sol;><&sol;p>&NewLine;<p>Please have in mind that this group membership grants users permission to view&comma; set&comma; and reset authentication method information for any user &lpar;admin or non-admin&rpar;&period;<&sol;p>&NewLine;<p><strong>Here&&num;8217&semi;s the full description&colon;<&sol;strong><br &sol;>&NewLine;<em><strong>Users with this role can view the current authentication method information and set or reset non-password credentials for all users&comma; including global administrators&period; Privileged Authentication Administrators can force users to re-register against existing non-password credentials &lpar;e&period;g&period; MFA&comma; FIDO&rpar; and revoke &&num;8216&semi;remember MFA on the device&&num;8217&semi;&comma; prompting for MFA on the next login of all users&period;<&sol;strong><&sol;em><&sol;p>&NewLine;<p>Hopefully&comma; this tutorial will help you grant permission for resetting 2FA for O365 accounts&period; Comments are welcome&excl;<&sol;p>&NewLine;