How can I enroll my Sotware Oath Token provider (KeePass) into the Active Directory MFA setting

Admin Paul FAYTOUT 1 Reputation point
2021-03-09T17:08:23.963+00:00

Hello Experts,

I found the documentation to enroll Hardware Oath Token but not for Software provider like KeePass wich generate TOPT.
75982-image.png

Is it really possible ?
If it's true, how can I found the manual ?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,686 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. JamesTran-MSFT 29,316 Reputation points Microsoft Employee
    2021-03-15T22:54:00.477+00:00

    @Admin Paul FAYTOUT
    Thank you for your post and I apologize for the delayed response!

    For uploading OAuth Tokens you should be able to do this within the Azure Portal -> Security -> MFA -> OATH tokens.
    77859-image.png

    Once tokens are acquired they must be uploaded in a comma-separated values (CSV) file format including the UPN, serial number, secret key, time interval, manufacturer, and model, for example: 

    upn,serial number,secret key,time interval,manufacturer,model  
Helga@contoso.com,1234567,2234567abcdef1234567abcdef,60,Contoso,HardwareKey

    For more info - Authentication methods in Azure Active Directory - OATH tokens

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

  2. JamesTran-MSFT 29,316 Reputation points Microsoft Employee
    2021-03-17T20:34:55.69+00:00

    @Admin Paul FAYTOUT
    Thank you for your time and patience, I received a response from our engineering team and will post it below.

    Software OATH tokens are applications like the Microsoft Authenticator app and other authenticator apps.

    • Microsoft Authenticator App is what we provide from Microsoft and we have the steps of integration for the same. But Software Oath Tokens also supports third-party applications that use OATH TOTP to generate codes.

    KeePass is a third party password manager, that isn't an authenticator app.

    Since it's a third party we do not have any integration documentation, officially, yet. Ideally, the third party provider should be providing the information.
    KeePass Discussion Forums

    I hope this helps! If you have any other questions, please let me know.
    Thank you!

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.