Audit MFA Registration in Microsoft 365
Review which users have authentication methods registered before assuming MFA coverage is handled.
Example playbook / Read-only / Validation pending
Read playbook →Guides
These are the checks I want in front of me before I start changing a tenant. The goal is not to automate judgment away. The goal is to make the first review clearer.
These starter playbooks are written as read-only examples. Review the permissions, output, and limitations before using them in any production tenant.
Review which users have authentication methods registered before assuming MFA coverage is handled.
Example playbook / Read-only / Validation pending
Read playbook →Find mailbox forwarding that may send mail outside the organization and prepare it for careful review.
Example playbook / Read-only / Validation pending
Read playbook →Export privileged Entra role membership before making security or access policy changes.
Example playbook / Read-only / Validation pending
Read playbook →Planned read-only checks that belong in the same first-pass tenant review workflow.
Inventory app secrets and certificates that need owner review.
Coming soon / Planned read-only check
Coming soon
List external identities and review stale or unrecognized guests.
Coming soon / Planned read-only check
Coming soon
Capture policy configuration for review before edits.
Coming soon / Planned read-only check
Coming soon
Collect high-level Microsoft 365 tenant posture details.
Coming soon / Planned read-only check
Coming soon
Export licensed user inventory for cleanup planning and reporting.
Coming soon / Planned read-only check
Coming soon
A starter workflow you can read, adapt, and test before using in your own environment.
The content needs more review before it should be treated as tested guidance.
Every tenant is different. Validate scope, permissions, and output before relying on a workflow.
A planned read-only check that belongs in the broader tenant review workflow.