Feb 05 2024 01:33 PM
Hello,
I would like to use a FIDO2 key for authentication. I configured the authentication settings to use it.
If the user already has an existing MFA (e.g. MS Authenticator), the FIDO2 key works very well.
How can I use the FIDO2 key for users without an existing MFA (e.g. new users)? The users do not have a business cell phone, so they cannot use SMS or the MS Authenticator.
I configured TPA and can also use it. But after logging in with TPA, I am repeatedly asked to configure the MS Authenticator and cell phone number for SMS authentication. I can't do either because the user doesn't have a work cell phone.
Thank you for your help.
Regards
Stefan
Feb 05 2024 02:56 PM
Feb 05 2024 04:56 PM
Hi, Stefan.
In addition to the settings Libby mentioned, you'll want to check the registration campaign settings, as they default to Microsoft-managed and occasionally get in the way of your planned behaviour since Microsoft has a tendency to re-run Authenticator-based campaigns from time to time.
Cheers,
Lain
Feb 11 2024 02:16 AM
Feb 14 2024 09:56 AM
SolutionI have found the solution. It was an old setting. As soon as I deactivated the selected settings, I was no longer asked for additional information.
Feb 14 2024 09:56 AM
SolutionI have found the solution. It was an old setting. As soon as I deactivated the selected settings, I was no longer asked for additional information.