So microsoft documentation says this account needs to be a global admin in Azure AD.
Doesn't accept any MFA setup, nor does an app password work.
I seriously can't have a service account running our application stack running as a global admin with some type of security on the account. Anyone have security requirements for how to set this up? i've tried conditional access rules, but we're routinely having to cycle the rule. Now management has requested to keep the rule off.
I can't accept that this is normal. Anyone have any info here for us?