Does the "per-user" billing model charge based on the number of users enabled for Multi-Factor Authentication, or the number of users who perform the verifications?
Billing is based on the number of users enabled for Multi-Factor Authentication.
Related questions and answers
The "per-user" or "per-authentication" billing/usage model is chosen when creating a Multi-Factor Authentication Provider in the Microsoft Azure classic portal. It’s a consumption-based resource that’s billed against the organization’s Azure subscription, just like virtual machines or websites.
The billing model is selected during resource creation and cannot be changed once the resource is provisioned. It's possible, however, to create a new Multi-Factor Authentication resource to replace the original. Please note that user settings and configuration options cannot be transferred to the new resource.
A subset of Azure Multi-Factor Authentication capabilities is offered at no cost to Azure Global Administrators when the corresponding Azure Active Directory has not been provisioned with Azure Multi-Factor Authentication for directory users.
All costs are rolled into the per-user or per-authentication cost of the service. Organization (changed from “you”) are not charged for individual phone calls placed, or text messages sent, to your users when using Azure Multi-Factor Authentication. Phone owners may incur roaming-related or other costs from their telephone carriers to receive the phone calls or text messages.