I'm trying to get multi-factor authentication to work with the SDK and the mobile app.
Unfortunately the app won't work, I'm able to use the "phone call" and "text" method.
I did configure the app and it is working when signing into Office365. All tries are logged in the usage report, the call result is "Mobile App No Response".
Does anyone have any examples on how to use the mobile app method? I'm unable to find any.
Thanks in advance.
While we did put in some of the plumbing to support authenticating with the mobile app when using the SDK, there isn't a practical way to use it currently because there isn't an app activation process that works natively with the SDK. The plumbing that is there requires you to pass a device ID into the pf_authenticate function so that we can send a push notification to that device, but we don't have any mechanism in place to activate/register the device and capture the device ID. We are investigating providing an activation service in the cloud that will work with the SDKs to help you capture the device ID so that you can provide it back when requesting authentication, similar to providing the phone number when you call the SDK today. I don't have a timeline I can share on when such a cloud activation service may be available. Until then, only phone call and text message options will be available.
The other option is to use the Multi-Factor Authentication Server and its Web Service SDK. The MFA Server has a mobile app web service that is used for the mobile app activation. You can generate activation codes, display the activation code and URL to your users so that they can activate the app, and then that option will be available to them.
- Proposed as answer by shawnb_msMicrosoft employee Thursday, November 14, 2013 12:56 AM
It's not the answer I was hoping, but it's good to know the problem is acknowledged.
The second part of your reply brings me to the next problem.
I've tried the on-premise MFA Server, but I'm unable to associate the mobile app with an user. I can see the activation request from the mobile app in the IIS log (IIS returns OK), but the mobile app says it failed.
Phone call auth works perfectly.