Browser support of FIDO2 passwordless authentication
Microsoft Entra ID allows FIDO2 security keys to be used as a passwordless device. The availability of FIDO2 authentication for Microsoft accounts was announced in 2018, and it became generally available in March 2021. The following diagram shows which browsers and operating system combinations support passwordless authentication using FIDO2 authentication keys with Microsoft Entra ID. Microsoft Entra ID currently supports only hardware FIDO2 keys and doesn't support passkeys for any platform.
This table shows support for authenticating Microsoft Entra ID and Microsoft Accounts (MSA). Microsoft accounts are created by consumers for services such as Xbox, Skype, or Outlook.com.
This is the view for web support. Authentication for native apps in macOS, iOS and Android isn't available yet.
Browser support for each platform
The following tables show which transports are supported for each platform. Supported device types include USB, near-field communication (NFC), and bluetooth low energy (BLE).
1NFC and BLE security keys aren't supported on macOS by Apple.
2New security key registration doesn't work on these macOS browsers because they don't prompt to set up biometrics or PIN.
1Security key registration isn't supported on ChromeOS or Chrome browser.
1New security key registration doesn't work on iOS browsers because they don't prompt to set up biometrics or PIN.
2BLE security keys aren't supported on iOS by Apple.
1Security key biometrics or PIN for user verficiation are currently supported on Android by Google. Microsoft Entra ID requires user verification for all FIDO2 authentications.
Minimum browser version
The following are the minimum browser version requirements.
|Edge||Windows 10 version 19031|
1All versions of the new Chromium-based Microsoft Edge support FIDO2. Support on Microsoft Edge legacy was added in 1903.