PowerShell script that can help automate the process of importing and activating hardware TOPT tokens into Azure MFA. Currently there are no built-in PowerShell commands for this purpose.
This script uses undocumented API endpoints and should be used with caution.
- Azure Powershell Module:
Install-Module -Name Az -AllowClobber
- CSV file from token supplier in the Azure MFA Hardware token format Microsoft Documentation:
upn,Serial Number,Secret Key,Time Interval,Manufacturer,Model
- Authenticate a PowerShell session using
Connect-AzAccount
- Run the command as follows:
.\Add-AzureMfaToken.ps1 -upn email.address@domain.com -serialNumber 000000000 -tokensCSV c:\pathTo\tokens.csv
This script also supports Azure Government environments. To use the script with Azure Government, specify the -azureEnvironment
parameter with the value AzureUSGovernment
. For example:
.\Add-AzureMfaToken.ps1 -upn email.address@domain.com -serialNumber 000000000 -tokensCSV c:\pathTo\tokens.csv -environment AzureUSGovernment
Code to generate one time password by Jon Friesen