OATH token csv upload

Question

We've recently started to enforce MFA on users' 365 accounts, and as a part of this we have purchased some OTP token fobs (I don't know the official name). I have been trying to upload CSV in AAD to link each fob to a user account, but and receiving an error about the encoding of the CSV:

{"errorCode":"BadRequest","localizedErrorDetails":{"hardwareTokenUploadValidationFailure":"Invalid base32 encoding due to illegal character 8 for:

Answer 1

@Russ Hopper

Thank you for reaching out to us. As I understand you are facing this error {"errorCode":"BadRequest","localizedErrorDetails":{"hardwareTokenUploadValidationFailure":"Invalid base32 encoding due to illegal character 8 for: <UPN>, serial number: <serial number>"}... while updating OATH hardware tokens,

However as per the documentation, The secret key can only contain the characters a-z or A-Z and digits 2-7, and must be encoded in Base32.

Reference: https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-oath-tokens#:~:text=vendor%27s%20setup%20process.-,OATH%20hardware%20tokens%20(Preview),-Azure%20AD%20supports

Let me know if you have any further questions.

Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.

Answer 2

Hello,

it doesn't mean that the serial number is wrong.

Thats absolut correct what Givary-MSFT sayed.

You have to convert your secret key to a valid base32 string.

You can find a lot of websites where you can do it.

After that, I was able to upload my csv file :)

Regards,

Tim

Answer 3

Make sure you don't have spaces between the commas. I was having the same issue and the first answer didn't help at all since it's clearly the serial number and not the secret key. I then noticed I had spaces after the commas and removed them and then it worked.