Microsoft Authenticator fails to recognize SIOP v2 verifier flow (QR code)

Hannes Hahkio 6 Reputation points
2022-08-29T08:47:40.903+00:00

Attempting to scan a SIOP v2 (https://openid.net/specs/openid-connect-self-issued-v2-1_0.html) verifier QR code e.g below.

openid://?scope=openid digiid_core&response_type=id_token&response_mode=post&registration={"subject_syntax_types_supported":"did:web","id_token_signing_alg_values_supported":"ES256"}&client_id=https://test.id.cloud.dvv.fi/siop/api/1.0/auth&redirect_uri=https://test.id.cloud.dvv.fi/siop/api/1.0/auth&nonce=f58ef243d4c239d36cabd3f608b0c756&state=f58ef243d4c239d36cabd3f608b0c756

Fails on the current Microsoft Authenticator application as it begins by asking to create a new account, instead of asking which credential to present.

Can Microsoft confirm if they support the SIOP v2 flow in addition to the request_uri flow they use themselves?

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
5,648 questions
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,678 questions
0 comments No comments
{count} vote