A programmable hardware token is essentially a substitution for the Microsoft Authenticator app, and the process to set up a programmable hardware token is similar to setting up the Microsoft Authenticator app.
You can use your Android or iPhone to program the hardware token if your phone is NFC enabled. You can also use your Windows PC or laptop to program the hardware tokens. If you are going to use Windows PC or laptop, then you will need an NFC smart card reader.
The video below demonstrate the process:
The steps below summarise the process:
- Download the SafeID/Diamond programming tool. onto your phone or PC
- Sign in to your AAD account, and add a third-party authenticator app
- Obtain the QR code of the authenticator app
- Use the SafeID Programmer app to burn the QR code into the hardware token
Please note that if the method selected is not set to "Authenticator app" a QR code will still be generated, but will be of the incorrect type (and will produce an error "No QR code found on the screen" when you attempt to scan the QR code).
Click here for detailed instructions on how to set up programmable hardware tokens with Azure AD
Use OATH hardware tokens in Office 365 MFA login
The user experience with using an OATH hardware token in Office 365 and Azure AD login is basically the same as using the Microsoft Authenticator app
Click here for more details on how to use hardware tokens in Office 365 and Azure AD login.