Forum Discussion
Passkey Sign in Method (Entra Account) missing in Security
we enable FIDO2 passkey in entraId. However, when we try to register the FIDO2 passkey on myaccount.microsoft.com -> Security -> Add a Sign-in Method -> Passkey is missing. Attached screenshot.
For a personal account, the Passkey method is available at the same location, even though interface is slightly different than an Entra Id account. Attached screenshot for the personal account as well.
Kindly guide us on where to register the passkey or if we need to enable certain settings in EntraId for the passkey to show up in sign-in methods.
We have Auth Strengths enabled in EntraId for the particular user in question and this reflects in the Device Lockscreen during login on Entra Registred Device.
Thanks
Chandra
1 Reply
Hi Chandra,
For Entra ID accounts, I would check the Authentication Methods policy first.
In the Entra admin center, go to:
Protection > Authentication methods > Policies > Passkey (FIDO2)
Make sure that:
- Passkey (FIDO2) is enabled.
- The user is included in the target group.
- “Allow self-service set up” is set to Yes.
- If you are using passkey profiles, the correct profile is assigned.
- The user is using the work/school Security Info page, not the personal Microsoft account page.
The registration page should be:
https://mysignins.microsoft.com/security-info
Then select:
Add sign-in method > Passkey
If “Allow self-service set up” is disabled, users may not see the Passkey option in Security Info even if Passkey (FIDO2) is enabled in the tenant.
Microsoft documentation:
https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-authentication-passkeys-fido2
https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-register-passkey
