Azure AD - Manage Oath token

Emanuele Signorin 46 Reputation points
2022-02-02T12:51:17.623+00:00

In Azure AD in the Multi-Factor Authentication blade, I would like to delegate the rights to upload new OATH Tokens and activate them.
Which is the right role to assign to a technicians in order to do these tasks?

Thank you in advance.

Best regards,

Emanuele

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,578 questions
Accepted answer
  1. Shweta Mathur 13,081 Reputation points Microsoft Employee
    2022-02-03T07:48:48.497+00:00

    Hi @Emanuele Signorin ,

    Thanks for reaching out.
    As per my understanding, you are trying to delegate the rights to upload new OATH hardware tokens.

    To enable Multi-Factor Authentication blade, user should have at least below privileges:

    1. User have at least an Azure AD Premium P1 or trial license enabled for working Azure Active Directory.
    2. An account with Authentication Policy Administrator to enable software token authentication or global administrator privileges for hardware token authentication.

    Currently OATH hardware token is in preview that allows the Global Admin to perform bulk upload of tokens by uploading the CSV file which contains the UPN, Serial number, secret key, etc. A Global Admin can activate a maximum of 200 OATH tokens every five minutes.

    Reference : OATH-hardware-tokens-preview

    Hope this helps.

    Thanks,
    Shweta

    ---------------------------------------

    Please remember to "Accept Answer" if answer helped you.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest