OATH token csv upload

asked 2022-06-24T10:38:46.387+00:00
Russ Hopper 21 Reputation points

We've recently started to enforce MFA on users' 365 accounts, and as a part of this we have purchased some OTP token fobs (I don't know the official name). I have been trying to upload CSV in AAD to link each fob to a user account, but and receiving an error about the encoding of the CSV:

{"errorCode":"BadRequest","localizedErrorDetails":{"hardwareTokenUploadValidationFailure":"Invalid base32 encoding due to illegal character 8 for: <UPN>, serial number: <serial number>"}...

The serial number is just 13 numbers (0-9), so I don't know which character is illegal. I have had a look online and can't see this error message mentioned anywhere. Help!

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,563 questions
No comments
{count} votes

Accepted answer
  1. answered 2022-06-24T11:53:42.727+00:00
    Givary-MSFT 11,251 Reputation points Microsoft Employee

    @Russ Hopper

    Thank you for reaching out to us. As I understand you are facing this error {"errorCode":"BadRequest","localizedErrorDetails":{"hardwareTokenUploadValidationFailure":"Invalid base32 encoding due to illegal character 8 for: <UPN>, serial number: <serial number>"}... while updating OATH hardware tokens,

    However as per the documentation, The secret key can only contain the characters a-z or A-Z and digits 2-7, and must be encoded in Base32.

    Reference: https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-oath-tokens#:~:text=vendor%27s%20setup%20process.-,OATH%20hardware%20tokens%20(Preview),-Azure%20AD%20supports

    Let me know if you have any further questions.

    Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.

1 additional answer

Sort by: Most helpful
  1. answered 2022-08-02T17:23:01.873+00:00
    Chance Sharp (Admin) 1 Reputation point

    Make sure you don't have spaces between the commas. I was having the same issue and the first answer didn't help at all since it's clearly the serial number and not the secret key. I then noticed I had spaces after the commas and removed them and then it worked.

    No comments