Thank you for reaching out to the community forum!
I understand that you would like to know the possibility to set up the user account to prompt for the respective Microsoft Authenticator App's sign-in approval rather than prompting for the user password after the TAP expires.
To answer your question, after the TAP expires, the user will need to authenticate with their password at least once to set up the Microsoft Authenticator App's sign-in approval on the tablet.
Once a user has a valid Temporary Access Pass (TAP), they can use it to sign in and register security information, including setting up passwordless phone sign-in directly from the Microsoft Authenticator app.
After the TAP is used to set up the tablet and enroll it with Intune, the user should be able to continue using the Microsoft Authenticator app for sign-in without needing to use their password.
Here TAP work as a bridge to enable passwordless authentication methods, and once these methods are registered and set up, the user should not be required to revert to using a password for authentication.
In general, the Temporary Access Pass (TAP) should allow for the setup of passwordless methods without the need for a password. Please ensure that the TAP policy is configured in your organization to allow users to sign in with a TAP and onboard other passwordless authentication, because organization policies can override these defaults and require users to use a password for authentication.
Hope this helps. Do let us know if you any further queries.
Thanks,
Akhilesh.
If this answers your query, do click Accept Answer
and Yes
for was this answer helpful. And, if you have any further query do let us know.