Browser support of FIDO2 passwordless authentication
Azure Active Directory allows FIDO2 security keys to be used as a passwordless device. The availability of FIDO2 authentication for Microsoft accounts was announced in 2018. As discussed in the announcement, certain optional features, and extensions to the FIDO2 CTAP specification must be implemented to support secure authentication with Microsoft and Azure Active Directory accounts. The following diagram shows which browsers and operating system combinations support passwordless authentication using FIDO2 authentication keys with Azure Active Directory.
This table shows support for authenticating Azure Active Directory (Azure AD) and Microsoft Accounts (MSA). Microsoft accounts are created by consumers for services such as Xbox, Skype, or Outlook.com. Supported device types include USB, near-field communication (NFC), and bluetooth low energy (BLE).
The following operating system and browser combinations are not supported, but future support and testing is being investigated. If you would like to see other operating system and browser support, please leave feedback using the product feedback tool at the bottom of the page.
Minimum browser version
The following are the minimum browser version requirements.
|Edge||Windows 10 version 19031|
1All versions of the new Chromium-based Microsoft Edge support Fido2. Support on Microsoft Edge legacy was added in 1903.