There are 2 ways you can set up enroll pre-programmed OATH hardware tokens with Azure AD:into Entra ID
- Use Entra ID Portal
- Use SafeID Token Service
Entra ID Portal
Microsoft Entra ID portal provides a basic facility that allows you to enroll the pre-programmed OATH hardware tokens. To set up enroll hardware tokens using the Entra ID portal, you will need to go through 3 steps below:
- Download the token secret file
- Assign tokens to users
- Upload tokens to Entra ID
- Activate tokens in Entra ID
Step 1: Download the Token Secret File
| Expand | ||||||
|---|---|---|---|---|---|---|
|
Step 2: Assign tokens to users
Once you have downloaded the secret file of your tokens, you now need to edit it with a text editor and assign all of your tokens to your users by adding the user's UPN against the token's serial number, one by one
assign tokens to your Entra ID users.
There are 2 ways you can assign tokens to users
- Using a text editor
- Using the SafeID Enrollment Assistant
Step 3: Upload tokens to Entra ID
NextOnce you have assigned tokens to users, you need to can upload the modified secret file on to token assignment file onto Entra ID
Step 4: Activate tokens in Entra ID
Finally, you will need to activate tokens by providing a verification code from the token, one by one.
...
Click here for detailed instructions on how to set up pre-programmed hardware tokens with Azure AD
SafeID Token Service
As you will see, the facility provided by Azure AD is very basic and not flexible. It does not provide functions for you to quickly assign only one token to a user or to reassign a token, for instance. If you have a small number of hardware tokens to manage, then it is OK to use the Azure AD portal. However, if you have a large number of hardware tokens to manage, then we would recommend the SafeID Token Service
...