![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 52%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,522 questions
Thank you for posting your query on Microsoft Q&A. From above error message we could understand that end user is not able to use TOTP issued from Hardware token device.
Please do correct me if this is not the case by responding in the comments section.
This error could be caused due to various reasons, to identify the same kindly validate the following:
- If customer have 5 or more devices registered with hardware token, authenticator app, if yes, then kindly suggest them to remove authenticator from any of the device and retry.
- Validate what error do we see in Azure AD sign in logs, if you could share the screenshot removing PII, user, device and application ID.
- Click on view details of the error message above and share the time stamp and correlation id, complete screenshot would be preferred.
- Also validate if you have migrated to Authentication methods from legacy MFA, if yes then hardware token must be enabled.
Please do let me know if you have any further queries.
Thanks,
Akshay Kaushik
Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.