# Microsoft Auth

{% stepper %}
{% step %}
**Navigate to security settings**

Go to the settings page of your account: <https://account.microsoft.com/security> and start the setup of Two-step verification

<div data-with-frame="true"><figure><img src="/files/ibxwxj7jntC1feJ5XaI7" alt=""><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}
**Set up Two-step verification**

Choose to set it up with a different Authenticator app.

<div data-with-frame="true"><figure><img src="/files/Vn33ftFB2irQzPUzDIXD" alt=""><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}
**Get secret instead of code**

When seeing the QR code, select the option "I can't scan the bar code"

<div data-with-frame="true"><figure><img src="/files/d60I2k3zHlnU9Ppd0LL6" alt=""><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}
**Copy the key**

<div data-with-frame="true"><figure><img src="/files/NwZWsFwgsqfTWoWgLa42" alt=""><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}
**Store key in password manager**

Now add the key for the password manager in a password manager of choice. We recommend using a password manager that easily allows for the extraction of the key like 1Password or Bitwarden.
{% endstep %}

{% step %}
**Fulfill the flow and enable 2-Step Verification**

<div data-with-frame="true"><figure><img src="/files/InkkKFaoOyINI3aWjKYK" alt=""><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}
**Set up authentication in Aikido Pentest**

Write your instructions in a similar format as below

```
Step 1: Go to domain.com/login
Step 2: Select "Microsoft Login". You will be redirected to login.microsoftonline.com
Step 3: provide the following credentials:
- username: <username>
- password: <password>
Step 4: Generate the TOTP and log in
Success criteria: When successfully logged in, you will see "Hello Aikido" on the homescreen
```

{% endstep %}

{% step %}
**Add the TOTP URL**

Add the key in the correct base32 format. When adding the key from Microsoft, make sure to remove the spaces

<div data-with-frame="true"><figure><img src="/files/FI1vijE5wF6HZ53xB99K" alt=""><figcaption></figcaption></figure></div>
{% endstep %}
{% endstepper %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.aikido.dev/pentests/configure-a-pentest/setting-up-authenticated-testing/microsoft-auth.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.