Skip to content

Commit 4dd5695

Browse files
JustinhaJustinha
committed
Update howto-authentication-temporary-access-pass.md
1 parent de8e0b9 commit 4dd5695

File tree

1 file changed

+3
-2
lines changed

1 file changed

+3
-2
lines changed

articles/active-directory/authentication/howto-authentication-temporary-access-pass.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ services: active-directory
66
ms.service: active-directory
77
ms.subservice: authentication
88
ms.topic: conceptual
9-
ms.date: 03/29/2021
9+
ms.date: 03/31/2021
1010

1111
ms.author: justinha
1212
author: justinha
@@ -155,7 +155,8 @@ Keep these limitations in mind:
155155

156156
- When using a one-time Temporary Access Pass to register a Passwordless method such as FIDO2 or Phone sign-in, the user must complete the registration within 10 minutes of sign-in with the one-time Temporary Access Pass. This limitation does not apply to a Temporary Access Pass that can be used more than once.
157157
- Guest users can't sign in with a Temporary Access Pass.
158-
- Users in scope for Self Service Password Reset (SSPR) registration policy will be required to register one of the SSPR methods after they have signed in with a Temporary Access Pass. If the user is only going to use FIDO2 key, exclude them from the SSPR policy or disable the SSPR registration policy.
158+
- Users in scope for Self Service Password Reset (SSPR) registration policy *or* [Identity Protection Multi-factor authentication registration policy](../identity-protection/howto-identity-protection-configure-mfa-policy.md) will be required to register authentication methods after they have signed in with a Temporary Access Pass.
159+
Users in scope for these policies will get redirected to the [Interrupt mode of the combined registration](concept-registration-mfa-sspr-combined.md#combined-registration-modes), this experience does not currently support FIDO2 and Phone Sign-in registration.
159160
- A Temporary Access Pass cannot be used with the Network Policy Server (NPS) extension and Active Directory Federation Services (AD FS) adapter, or during Windows Setup/Out-of-Box-Experience (OOBE) and AutoPilot.
160161
- When Seamless SSO is enabled on the tenant, the users are prompted to enter a password. The **Use your Temporary Access Pass instead** link will be available for the user to sign-in with a Temporary Access Pass.
161162

0 commit comments

Comments
 (0)