Share via

Unable to complete phone sign in method

Mariëtte Knap [server-essentials.com] 96 Reputation points
2024-08-09T11:02:18.4066667+00:00

Cannot complete this method in the authenticator app on Android. Two cases open on this issue. One with Office 365 at #‎2408091420000331 and one at Entra support with 2408090050001537. Android device shows as a registered device in Entra.

WhatsApp Image 2024-08-09 at 09.53.33_742e4ae5

WhatsApp Image 2024-08-09 at 09.53.33_9227c3e7

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
8,371 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,703 questions
0 comments
Accepted answer
  1. Raja Pothuraju 16,840 Reputation points Microsoft External Staff
    2024-08-12T22:02:42.7633333+00:00

    Hello @Mariëtte Knap [server-essentials.com],

    Thank you for posting your query on Microsoft Q&A and for sharing the support ticket numbers as well.

    Based on your description, I understand that you are encountering an issue when attempting to enable phone sign-in with the Microsoft Authenticator app, where the setup fails.

    After reviewing the case you raised with the Entra team (2408090050001537), I noticed that your tenant has Multi-Factor Authentication (MFA) enabled via per-user MFA, but the Microsoft Authenticator option hasn't been enabled in the Authentication Methods policy. To enable passwordless phone sign-in with the Authenticator app, you'll need to configure it through the Authentication Methods policy, as the AuthenticatorAppSignInPolicy isn't supported under the legacy per-user MFA settings.

    User's image To resolve this issue, please enable the Microsoft Authenticator via the Authentication Methods policy by following these steps:

    1. Sign in to the Microsoft Entra admin center as at least an Authentication Policy Administrator.
    2. Browse to Protection > Authentication methods > Policies.
    3. Under Microsoft Authenticator, choose the following options:
      1. Enable - Choose Yes
      2. Target - All users or Select users
    4. Each added group or user is enabled by default to use Microsoft Authenticator in both passwordless and push notification modes ("Any" mode).
    5. To apply the new policy, click Save.

    Once the policy is saved, users can then register themselves in the Microsoft Authenticator app to enable phone sign-in:

    1. In Microsoft Authenticator, select the account registered.
    2. Select Enable phone sign-in.
    3. Follow the instructions in the app to finish registering the account for passwordless phone sign-in.

    I hope this information is helpful. Please feel free to reach out if you have any further questions.

    If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know. Thanks,
    Raja Pothuraju.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Teri Morgan 0 Reputation points
    2024-08-14T09:58:27.48+00:00

    I'm struggling to authenticate also. I tried to sign into my work email on the browser, it asks for a code from my app. But I can not set up the app, as when I try to sign into the app, it's asking me for a code from the authenticator app? I click other options and this is the only other option I get. I'm unsure how to get this to work

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.