Robotic Process Automation (RPA)

 View Only

 Options for handling two-step authentication (Microsoft Authenticator) for Outlook login in IBM RPA?

Carlos Martin Parra Cortes's profile image
Carlos Martin Parra Cortes posted Fri December 12, 2025 08:11 AM

Hi everyone,

I’m developing an IBM RPA bot that needs to log into a corporate web portal and perform standard actions (navigation, data entry, data extraction, etc.).
The issue is that the portal login uses Outlook authentication. Since it is a corporate email account, two-step verification is mandatory and it is validated through the Microsoft Authenticator mobile app, where the user must manually approve a number.

My question is:
Is there any way to handle this type of authentication in IBM RPA using built-in commands or standard capabilities?
Or in these scenarios, is the only viable option to escalate internally and request an exception or temporarily disable MFA for the bot account?

Any guidance or experience you can share would be greatly appreciated.

Thanks!

Sheridan Hindle's profile image
Sheridan Hindle posted Mon December 15, 2025 02:43 AM

Hi,

I am not sure this will help much but we have taken two approaches with MFA. For Microsoft the bot sits in an exemption LAN so does not have to use it. It is internal so less of a risk that a bot in a DMZ for example. The second process and not with Microsoft is to use an emailed code and the script waits for the code to hit an email inbox and uses it as the second factor. Not sure if Microsoft can email as well as use authenticator and SMS.

Good luck!

Atanas Atanasov's profile image
Atanas Atanasov posted Mon December 15, 2025 02:54 AM

I had a similar issue with a similar authenticator and solved it.

You need an Android/iOS emulator for windows - install the emulator, install the 2FA app inside it, run it with the bot, handle the authentication by clicking inside it and then close the emulator after you finish with it.

Milan Babčanec's profile image
Milan Babčanec posted Tue December 16, 2025 03:14 AM

Hello, there's not internal command in IBM RPA. We use custom c# code to generate the one-time password from the secret bearer. You can then use the OTP with internal Browser-related commands to fill the field. In version 30.0.1 you can run c# code directly from a IBM RPA command.

Related Content