Hi @Emanuele Signorin ,
Thanks for reaching out.
As per my understanding, you are trying to delegate the rights to upload new OATH hardware tokens.
To enable Multi-Factor Authentication blade, user should have at least below privileges:
- User have at least an Azure AD Premium P1 or trial license enabled for working Azure Active Directory.
- An account with Authentication Policy Administrator to enable software token authentication or global administrator privileges for hardware token authentication.
Currently OATH hardware token is in preview that allows the Global Admin to perform bulk upload of tokens by uploading the CSV file which contains the UPN, Serial number, secret key, etc. A Global Admin can activate a maximum of 200 OATH tokens every five minutes.
Reference : OATH-hardware-tokens-preview
Hope this helps.
Thanks,
Shweta
---------------------------------------
Please remember to "Accept Answer" if answer helped you.
Hi AJ,
Yes, it is in future roadmap to introduce new least privileges to upload OATH token, but currently there is no SLA for that.
Thanks,
Shweta