This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 96%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EED%3C/text%3E%3C/svg%3E)
As requested by https://learn.microsoft.com/en-us/entra/external-id/customers/how-to-multifactor-authentication-customers, I am trying to remove the Temporary Access Pass authentication method from our Microsoft Entra ID for Customers instance and am receiving a failure. How can this be disabled?
You are trying to disable it? What Azure role do you have when doing this?
Global Administrator. I was able to disable SMS and Microsoft Authenticator that we had previously enabled.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @Eric D ,
If you are seeing the "policy did not save" error, one possibility is that the policy size is too large. You can check the response from Graph to see more details about why the save is failing. If you have too many objects (groups and users) excluded for the registration campaign, you will need to downsize the policy.
You can check the audit logs and the response from Graph to get more details.
Request:
PATCH https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/Fido2 HTTP/2.0
When you change the policy, you may also see this error if there is a reason required to disable/enable and you have not selected that reason.
If the first solution does not help I would recommend sharing the more detailed error from the audit logs so that we can better isolate the issue and troubleshoot.
If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar questions.
Thank you for your suggestion. I cannot find any audit logs related to these failing operations. In this scenario I'm just an end-user trying to use an app to configure my tenant, so would it be the responsibility of the entra.microsoft.com authors to troubleshoot why their application is failing? Secondly why would removing something from the policy cause the size to be larger than before?