Please do not use the Microsoft Authenticator App with privacyIDEA. This might lead to hassle and annoyance? Why? Because Microsoft seldom cares about implementing standards correctly.
This App scans QR codes according to the key URI format specified by Google:
But it only supports TOTP tokens. This would be fine if this app would NOT accept QR codes if HOTP tokens.
But it does - and simply treats them as TOTP. Thus this App will always calculate other (T)OTP values than privacyIDEA; which of course will calculate (H)OTP values.
Oh Boy!