Today a short blog post related to the Microsoft Authenticator app and the error I received when I tried to configure passwordless phone sign-in.
For some time, I was unable to set up passwordless phone sign-in in the Microsoft Authenticator app on my mobile device. When I checked my tablet, also that device showed me an error on the account for which I used phone sign-in.
To troubleshoot I removed the Authenticator app from my device, checked a lot of settings in the Entra admin center and created a test account to make sure the issue wasn’t related to my user account.
I was able to receive push notifications on my device for multi-factor authentication, but when I wanted to turn on phone sign-in I always got the error We run into an error. Shortly another error message was shown Failed to register for receiving push notifications.
The device registration was finished, but only the last part was always failing. And I could only use the authenticator app to approve MFA notifications.
I ended up creating a support case at Microsoft support and we checked a lot of different settings, even from which we already thought that these couldn’t be related. But who knows, sometimes it’s something unexpected that causes an issue.
In the end, it was finally found that just one check mark was wrong.
For some reason the service principal Azure Multi-Factor Auth Connector was disabled.
This is a Microsoft application found in the Entra admin center or Azure portal, under Enterprise applications.
When I switched Enabled for users to sign-in? To Yes and save the change, it all started to work again as expected.
Why this application was disabled? I have no idea.
But I hope it prevents somebody from a long troubleshooting journey if this issue is faced.