Using the Graph API to enroll hardware tokens is a newly introduced feature in Entra ID. Currently, you can use the Graph API to upload tokens into Entra ID, but there is no UI in the Entra Admin Portal for administrators or the help desk team to manage those tokens. Those tokens can only be self-enrolled by the users.
If you need a system that allows administrators or the help desk team to enroll and manage tokens, as well as allows your users to self-enroll their tokens, then check out the SafeID Token Service.
To enroll hardware tokens into Entra ID using the Graph API, follow the steps below.
| Expand |
|---|
| Include Page |
|---|
| Get the JSON file of the hardware tokens |
|---|
| Get the JSON file of the hardware tokens |
|---|
|
|
| Expand |
|---|
| Include Page |
|---|
| Upload hardware tokens using the Graph Explorer |
|---|
| Upload hardware tokens using the Graph Explorer |
|---|
|
|
Optionally, you might want to check the token repository to make sure that the tokens have been successfully uploaded into Entra ID
| Expand |
|---|
| Include Page |
|---|
| Check the token repository using Graph API |
|---|
| Check the token repository using Graph API |
|---|
|
|
You can now give the tokens to your users and ask them to self-enroll their tokens in Entra ID
| Expand |
|---|
| Include Page |
|---|
| Self-Enroll hardware tokens into Entra ID |
|---|
| Self-Enroll hardware tokens into Entra ID |
|---|
|
|