She also completed the passwordless enrollment of a Windows device in my previous post.Ĭurrently you can’t use a FIDO2 security key to sign-in to Outlook for mobiles. My test user for this demo is Jessy Wonka. Imaging you have a user that is enabled for passwordless, and this user want’s to configure Microsoft Outlook on a personal Android device. If you want to skip to the user experience video, have a look at my YouTube Channel Passwordless sign-in to outlook on Android devices Although, you don’t have a work-profile option for iOS. I’ll follow up with another post for iOS devices, but in general, the procedures are the same. This post will focus on enrolling Android devices and configuring applications like Outlook and Teams, without a password. We’ll have a look at phone sign-in with the Microsoft Authenticator app and also enroll for a work profile with the Company Portal app and sign-in from another device using a FIDO2 security key. You can very well be working passwordless on mobile devices (corporate and personal). That being said, It is possible and in this post, I’ll show you that mobile devices are not an excuse for passwords. Working passwordless on Windows is easy, but when it comes to working passwordless on Mobile devices like Android and iOS, there are some other considerations. This will help us and others in the community as well.In my previous post “ What is your excuse for passwords”, I wrote about going passwordless all the way and how to enroll a Windows device with Autopilot using Azure Temporary Access Pass (TAP), and a FIDO2 security key. Please " Accept the answer" if the information helped you. I hope this answer helps to resolve your issue. You can also check if the users have the latest version of Microsoft Authenticator installed on their devices and if the devices are registered with the tenant where they are used to sign in. Below is the screenshot for your reference: If the users are not included, you can add them to the group. You can check the Authentication methods policy in the Azure AD portal to see if the users are included in the group of users enabled for passwordless sign-in. If the users are not in scope for passwordless authentication, they will not be able to register or complete the passwordless sign-in process. The users must be included in the group of users enabled for passwordless sign-in. The error you see "You cannot set up passwordless phone sign-in because your IT admin has disabled this feature", usually occurs when the user is not scope of the Passwordless policy setup on Azure AD portal. I would like to inform you that to enable Passwordless phone sign-in for your test users, you need to make sure that the users are in scope for the deployment.
0 kommentar(er)
