Forum Discussion
AdrianHallNHSE
Mar 13, 2023
Copper Contributor
Is it possible to enable Windows Hello directly on an Azure VM running Windows with vTPM enabled
We've tried creating Windows VMs on Azure to test out using Windows Hello as a WebAuthn platform authenticator _on the VM itself_ - this is to create a machine-bound credential for running RPA processes.
However, despite creating a trusted VM and making sure it has a vTPM, we aren't able to enable Windows Hello on the VM itself, and therefore cannot present the VM as a platform authenticator to WebAuthn.
Is this actually possible?
3 Replies
You may refer to the article below for an idea:
- virtualmanc (Iron Contributor): Yes, this is possible. You will need to do this via Azure Virtual Desktop and configure it to authenticate against Azure AD using Windows Hello. The authentication token should then also be present inside the VM. See here - https://techcommunity.microsoft.com/t5/azure-virtual-desktop-blog/announcing-public-preview-of-sso-and-passwordless-authentication/ba-p/3638244
  Note this is in public preview.
- AdrianHallNHSE (Copper Contributor): Is it possible on a non-domain-joined virtual desktop? So just Windows Hello enabled to allow the desktop to act as a platform authenticator for other WebAuthn-enabled applications (not AAD)?