EUM uses the Microsoft 365 identity models offered by Entra ID for all users and authentication. For more information, see Step 1. Determine your cloud identity model - Microsoft 365 Enterprise | Microsoft Learn.
EUM uses Entra ID for all external users. These users are invited as guests to the Customer's Microsoft 365 tenant.
Multi-Factor Authentication (MFA)
To enhance security, EUM fully supports MFA and this can be enabled without any issues. For more information about setting up MFA for your Microsoft 365 tenant, see Set up multifactor authentication for users - Microsoft 365 admin | Microsoft Learn.
Conditional Access Policies
EUM supports the full set of capabilities offered by Conditional Access Policies in Entra ID.
The majority of EUM API endpoints are secured and require authentication. This authentication requires a bearer token obtained through Entra ID. Any anonymous endpoints are appropriate and required for scenarios where the user is not yet authenticated, such as self-registration.