Introduction
A One Time Authorization Token (OAUTH) is a device that may be used to complete Office 365 multi-factor authentication (MFA) in certain circumstances when a smartphone application or telephone call do not work.
For example, when a person is traveling and does not have cellular connectivity nor a smartphone with the Microsoft Authenticator application installed but does have access to a computer connected to the Internet. In this case, an OAUTH will provide the code that synchronizes with Microsoft’s directory services and along with the standard username and password pair authenticates the user account.
Unlike a smart/telephone, the OAUTH will work anywhere and is not bound to cellular or Internet connectivity.
Purchase Information
OAUTH tokens are available for purchase on numerous web sites. Please make sure your token complies with the required specifications listed below.
Required Specifications
- Internet Engineering Task Force (IETF) Request for Comment (RFC) 6238 ensuring it is certified to work with Microsoft Azure MFA server or the Office 365 cloud service enabled with multi-factor authentication with Azure MFA.
Vendor Information
While OIT does not recommend a specific vendor for personal purchases, the following vendors provide OAUTH tokens meeting the required specifications. Prices range from $10.00-$20.00.
MicroCosm
https://www.microcosm.co.uk/order/product.php?ProductID=372
https://www.microcosm.co.uk/order/product.php?ProductID=346
Protectimus
https://www.protectimus.com/tokens
Protectimus TWO
Protectimus Crystal
Registration
Take your OAUTH token to the Technology Support Center located in the Stalker Hall basement and inform a service technician that you have an OAUTH token you need to register to your Office 365 account.
You will be asked to provide a valid form of identification in order for OIT to ensure we are configuring the OAUTH token for a valid ISU employee/student. Once TSS personnel confirm your identity, a service request is created that will include your OAUTH token information.
You will be able to use your OAUTH token within 5 days of the service request.
Additional Resources
See related articles for more information.