7.7 C
New York
Wednesday, April 16, 2025
HomeIT
IT

Step-by-Step Guide : How to enable QR code authentication for Microsoft Entra ID (Preview) ?

By AlphaTech
0
6
Step-by-Step Guide : How to enable QR code authentication for Microsoft Entra ID (Preview) ?


Microsoft Entra ID supports a long list of Authentication methods.

  • Windows Hello for Business
  • Microsoft Authenticator app
  • Authenticator Lite
  • Passkey (FIDO2)
  • Certificate-based authentication
  • Hardware OATH tokens (preview)
  • Software OATH tokens
  • External authentication methods (preview)
  • Temporary Access Pass (TAP)
  • Short Message Service (SMS) sign-in and verification
  • Voice call verification
  • Password

This enables organizations to select the most secure and productive authentication methods for their business. While the most secure method may not always be the most productive, and vice versa, having a variety of supported authentication methods helps to strike a balance between these two aspects.

Microsoft Entra ID now supports QR authentication, a method specifically designed for frontline workers who use shared devices. This provides a convenient and secure login experience for these workers.

1)        An account with Authentication Policy Administrator permission or higher can enable QR code as an authentication method.

2)        Once the method is enabled, a QR code and temporary PIN can be generated for the user.

3)        The QR code should be made available to the user. It can be downloaded, printed, or added to a badge.

4)        The QR code is unique but cannot be used without the PIN.

5)        The temporary PIN must be reset when the user authenticates for the first time.

6)        Once the QR code and PIN are set up, the user can use them for subsequent logins.

1)        QR authentication is designed for frontline workers and should not be widely used. Phishing-resistant authentication is recommended wherever possible.

2)        Do not enable this authentication method for all users; only enable it for required users.

3)        QR authentication is currently only supported on mobile devices running iOS/iPadOS or Android.

4)        QR authentication does not allow self-service PIN reset for users.

In this blog post I am going to demonstrate how to configure QR authentication for the Microsoft Entra ID users.

Let’s start with enabling authentication method.

  1. Log in to the Entra admin portal at https://entra.microsoft.com/as an Authentication Policy Administrator or higher.
  2. Navigate to Protection | Authentication Methods.

  1. Under Policies, click on QR code (Preview).

  1. In the QR code (Preview) settings page, click on Enable to turn on the authentication method. Then, select the relevant user group as the target.

  1. Click on the Configure tab. Here, you can adjust the PIN length and the lifetime of the QR code. The default is 365 days, but it can be extended up to 395 days. Once changes are made, click on Save to apply them.

This enables the QR code as an authentication method for the tenant. Next, let’s see how to generate a QR code for a user.

To generate QR code for user,

  1. Navigate to Users | All users.
  2. Select the user from the target group configured in the previous section.
  3. Click on Authentication methods.

 

  1. Click on + Add authentication method.

  1. From the dropdown, select QR code (Preview).

 

 

  1. In the settings page, define the expiration date and activation time. Click on Generate PIN to create a temporary PIN. Note down the PIN and click on Add.

 

  1. This will generate the QR code. Download it for use with authentication.

 

Now that we have generated a QR code for a user, let’s proceed with some testing.

For testing, I used an iOS device to log in to the office portal. On the login page, I typed the username and then clicked on Sign-in options.

 

 

In the Sign-in options page, I selected Sign in to an organization.

 

On the next page, I chose Sign in with QR code.

 

I clicked on Allow to grant access to the camera.

 

After that, I scanned the QR code downloaded in the previous step.

 

Once the QR code was successfully detected, I entered the temporary PIN that was generated and clicked on Sign in.

 

On the next page, I was prompted to define a new PIN since this was the first login. After defining the PIN, I clicked on Sign in.

 

As expected, I was able to log in successfully.

 

 

This marks the end of the blog post, and I believe you now have a better understanding of how to enable and use QR code for authentication.

Previous articleUK business confidence sinks to two-year low amid tax hikes and global trade tensions
Next articleToday’s Technology Should Be Designed By and For All Minds
AlphaTechhttps://alphaitbuilder.com

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

Load more

ABOUT US

Alphaitbuilder is your Information technology, SMEs, Server relocation, startups and VoIP website. We provide you with the latest breaking news and videos straight from the industry.

© Copyright 2025 - alphaitbuilder.com. All rights reserved