Improve clarity in phone-based MFA guide

bernawy · web-flow · commit 3212719ed337 · 2026-01-21T10:35:09.000-08:00
Updated the date and made minor corrections to the XML code and instructions for the phone-based MFA documentation.
diff --git a/articles/active-directory-b2c/phone-based-mfa.md b/articles/active-directory-b2c/phone-based-mfa.md
@@ -7,7 +7,7 @@ author: kengaderdus
 manager: CelesteDG
 ms.service: azure-active-directory
 ms.topic: how-to
-ms.date: 11/05/2025
+ms.date: 1/21/2025
 ms.author: kengaderdus
 ms.subservice: b2c
 ms.custom: sfi-image-nochange
@@ -123,15 +123,20 @@ To help prevent fraudulent sign-ups, remove any country/region codes that do not
     <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
     <TrustFrameworkPolicy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:xsd="http://www.w3.org/2001/XMLSchema"
-      xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06" PolicySchemaVersion="0.3.0.0" TenantId="yourtenant.onmicrosoft.com" PolicyId="B2C_1A_signup_signin" PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_signup_signin">
+      xmlns="http://schemas.microsoft.com/online/cpim/schemas/2013/06"
+      PolicySchemaVersion="0.3.0.0"
+      TenantId="yourtenant.onmicrosoft.com"
+      PolicyId="B2C_1A_signup_signin"
+      PublicPolicyUri="http://yourtenant.onmicrosoft.com/B2C_1A_signup_signin">
     
       <BasePolicy>
         <TenantId>yourtenant.onmicrosoft.com</TenantId>
         <PolicyId>B2C_1A_TrustFrameworkExtensions</PolicyId>
       </BasePolicy>
-    
+
+      <!-- Add this BuildingBlocks section to the relying party policy. -->
       <BuildingBlocks>
-         <!-- Add the XML code outlined in Step 2 if this section. -->
+         <!-- Add the XML code outlined in Step 2 in this section. -->
       </BuildingBlocks>
     
       <RelyingParty>
@@ -142,6 +147,10 @@ To help prevent fraudulent sign-ups, remove any country/region codes that do not
 
 1. In the `BuildingBlocks` section of this policy file, add the following code. Make sure to include only the country/region codes relevant to your organization:
 
+  > [!IMPORTANT]
+  > This code must be added to the **relying party policy** to ensure the country/region code restrictions are properly enforced on the server side.
+  > Defining these elements only in the parent policies will not work; they **must be added to the relying party policy**.
+
    ```xml
     <BuildingBlocks>
 
@@ -178,11 +187,8 @@ To help prevent fraudulent sign-ups, remove any country/region codes that do not
    
     The countryList acts as an allow list. Only the countries/regions you specify in this list (for example, Japan, Bulgaria, and the United States) are permitted to use MFA. All other countries/regions are blocked.
 
-  > [!IMPORTANT]
-  > This code must be added to the relying party policy to ensure the country/region code restrictions are properly enforced on the server side. 
+
 
 ## Related content
 
 - Learn about [Identity Protection and Conditional Access for Azure AD B2C](conditional-access-identity-protection-overview.md) 
-
-- Apply [Conditional Access to user flows in Azure Active Directory B2C](conditional-access-user-flow.md)
