![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 28.000000000000004%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETI%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
To use Microsoft Authenticator with Zscaler, an account entry in the app must show a one-time password (OTP) code. If no code appears when opening the app or tapping the account, try these steps:
- Confirm the correct account entry
- In Microsoft Authenticator, tap the account that should be used for Zscaler.
- Look for a line similar to “One-time password code” with a 6‑digit code that changes every 30 seconds.
- If that line exists, use that 6‑digit code in Zscaler.
- If no OTP code is shown for that account
- The account may not be configured as an OTP (OATH) token in Authenticator.
- In that case, Zscaler must provide a QR code or secret key to add a new OTP entry in Microsoft Authenticator. Use Zscaler’s instructions to:
- Add an account in Microsoft Authenticator.
- Scan the QR code or enter the key from Zscaler.
- If the account used to show a code but no longer does
- Ensure Microsoft Authenticator is updated to the latest version.
- If the app or device was recently changed and the OTP entry is missing, the original OTP secret might be lost. Zscaler or the organization’s admin must reset the MFA/OTP setup for that Zscaler account so it can be re-enrolled in Authenticator.
- If sign-in or approval is failing with “Authentication did not complete”
- Make sure Microsoft Authenticator is unlocked on the device.
- Ensure notifications are enabled for Microsoft Authenticator.
- Confirm the device has network connectivity and the date/time settings are correct.
If no OTP code appears and Zscaler does not provide a way to re-enroll, contact the organization’s IT/Zscaler administrator to reset the Zscaler MFA configuration so a new QR code can be scanned into Microsoft Authenticator.
References: