We recently initiated Federated Authentication in our environment and I have noticed a strange thing - if I am trying to add an account via Apple Business Manager and I I want to set it's "Role" to Administrator - it automatically selects Authentication: "Apple". Only if I select Staff it is added as "Federated". Does it mean that Administrator "Role" account on Business Apple Manager can only be authenticated via Apple? As it requires attaching a working phone number in such case... Any insight on this would be great!
"or add .appleid like Apple recommends" - could you point me please to the documentation where this is recommended?
Otherwise I think it answers my question: ABM admins can only have non-federated Apple ID accounts with personal phone MFA authentication, am I understanding this correctly?