Here is our story:
Finally migrated to GMS 24.1 and added Advanced Authentication. We had a hard time getting it to work due to the password requirements.
So, for android devices we needed to enter the password as: [Password] "&" [TOTP]
For apple devices we have a two step process:
Device #1:
for initial password prompt: [Password] "&" [TOTP].
then a second password prompt = "normal" GW Password
Device #2:
Only [Password] "&" [TOTP]. and all is well. NO second prompt
We cannot grasp heads or tales why this is so. For the purpose of this experiment we needed to set Client Options > Security > Advanced Authorization = Enabled NOT "Required" to accommodate apple devices.
Thoughts on this?