![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 22%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA9%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 92%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Hello Aishah,
At this time, Microsoft Entra External ID does not provide a way to control which MFA method is selected by default when multiple methods are available.
If both Email OTP and SMS OTP are enabled, the default method is determined by the service. Users can choose "Use a different verification option" to switch to Email OTP, but administrators cannot configure Email OTP to be presented first.
In your scenario, SMS can remain available as a backup method, but there is currently no setting in Conditional Access, Authentication Methods, or External ID to prioritize Email OTP over SMS.
If you want users to always use Email OTP, the only option would be to disable SMS authentication. However, this would remove SMS as a fallback method.
So, what you're seeing is expected behavior and not a misconfiguration. This is currently a product limitation rather than a configuration issue. If the ability to prioritize MFA methods is important for your scenario, you may consider submitting feedback through the Microsoft Feedback Portal.