Register passkeys in Authenticator on Android & iOS
Overview:
You can sign in to Authenticator to create a passkey in the app and get seamless single sign-on across Microsoft native apps. We recommend this preferred flow to set up a passkey in Authenticator. If you're signed in or already have an account in Authenticator, you still need to complete these steps to add a passkey in Authenticator.
Step-by-Step Guide to Register a Passkey
1. Create a Passkey in Authenticator
If you already added an account in Authenticator, tap your account, and then tap Create a passkey.
Complete multifactor authentication (MFA) as required.
If necessary, tap Settings and set up a screen lock.
-
Tap Settings again to enable Authenticator as a passkey provider.
Note: The steps to enable passkey providers on Android might vary based on the make and model of your device. Search for Passkey in your device settings or consult your manufacturer for guidance. If your device runs Android 14 and you can't enable Authenticator as a passkey provider, we recommend upgrading to Android 15.
2. Configure Passkey Provider Settings in Android
Android - Open Passwords & accounts in your device settings.
In the Additional providers section, ensure that Authenticator is selected.
-
iOS - On your iOS 18 device, go to Settings > General > Autofill & Passwords. On your iOS 17 device, go to Settings > Passwords > Password Options.
On both operating systems, make sure that AutoFill Passwords and Passkeys is turned on. Under Autofill From, make sure that Authenticator is selected.
Return to Authenticator and tap Done to confirm that you added Authenticator as a passkey provider.
You should now see Passkey added as a sign-in method for your account. Tap Done again to finish setup.
3. Verify Your Passkey
Tap your account in Authenticator to view details, including your newly created passkey.
Test sign-in to ensure the passkey works properly.
Troubleshooting
In some cases when you try to register a passkey, it gets stored locally in the Authenticator app but isn't registered on the authentication server. For example, the passkey provider might not be permitted, or the connection might time out. If you try to register a passkey and see an error that the passkey already exists, delete the passkey that was created locally in Authenticator and retry registration.
Operating Systems
This feature seems to work best in iOS 18+ and Android 15+ - if you are not on the latest version, please consider updating your device.
Need Help?
If you encounter issues, contact the IT Service Desk for assistance.