Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

IT Admins Get New Azure AD Temporary Access Pass Feature to Create Time-Limited Passcodes

Microsoft has announced that Temporary Access Pass (TAP) is generally available for commercial customers. The Temporary Access Pass feature enables users to securely sign in to their accounts without a password.

Microsoft launched the public preview of Temporary Access Pass in Azure Active Directory earlier this year. It could be useful in scenarios where the old credentials are lost, or the device is stolen. The TAP feature can also be used to set up new Windows PCs for employees.

“TAP is a time-limited passcode that basically temporarily enables users to sign-in. That sign-in is focused on getting users up-and-running with passwordless authentication and on helping users recover access to their account. And all of that without the usage of a password, as TAP satisfies the needed strong authentication requirements,” the company explained.

Notably, IT teams will be able to configure and manage the Temporary Access Pass feature for users in their organization. First up, IT admins with Global Admin or Authentication Policy Admin permissions will need to enable TAP for users in their tenants. Next, they should create a Temporary Access Pass for a particular end-user in Azure AD.

IT Admins Can Now Create Time-Limited Passcodes with New Azure AD Temporary Access Pass Feature

How to use a Temporary Access Pass

Once the TAP is created, the user can use it to sign in and register a secure authentication method by following these steps:

Open a web browser and head to Microsoft’s security portal.
Enter the UPN of the account associated with the Temporary Access Pass (such as [email protected]).
The user will be prompted to enter their Temporary Access Pass on the Sign-in screen.
Finally, enter the Temporary Access Pass shared by the IT admin.

windows 10 authentication temporary access pass

Meanwhile, IT administrators can assign new Temporary Access Passes to replace old ones or delete expired passcodes. There is also an option to use Microsoft Graph APIs to integrate TAP with existing apps or an “HR-driven provisioning process.”

Microsoft has outlined some limitations of the Temporary Access Pass capability in Azure AD. It requires users to register a new Passwordless authentication method (such as Phone sign-in or FIDO2) within 10 minutes of the TAP sign-in. If you’re interested, you can check out Microsoft’s support page for more information.

by Rabia Noureen
Jun 28, 2022

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

How to Properly Secure and Govern Microsoft Entra ID Apps

Oct 19, 2023
Apr 17, 2024
Microsoft Entra ID App Registration and Enterprise App Security Explained

Oct 19, 2023
Apr 17, 2024
Five Tactics Towards Achieving Zero Trust with Azure Active Directory

Aug 29, 2023
Feb 01, 2024

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.