When i create a token with admin right, and i scan the QR code with android phone or IOS phone i have the same OTP code.
But, when i create a token with user right and i scan the QR code with android phone and IOS Phone i don’t have the same OTP and only the IOS OTP works.
i test iphone X, iphone XI, google pixel and huawei P SMART Z
You probably have different policies for your admins and your users.
I guess admins and users are using different settings, probably different hash algorithms.
Google Authenticator sucks. You should only use google authenticator with SHA1.
Last time I check I think Google Authenticator on Android supported sha256 and on iphone it did not. Or the other way round.
You might consider using the privacyIDEA Authenticator, which supports sha1, sha256 and sha512 on android and iphone.
As I already explained: You have different policies for admins and for users and you are creating different QR codes with different hash algorithms as admin or user.
So you configured your system in a way, that results in this behaviour. This is possible. Nothing wrong.
We can not know, what you have configured. You need to take a closed look at
what your policies are,
what you select in the rollout dialog
what the QR code looks like.
Suggestion: Scan the QR codes with a qrcode scanner, that simply reads the code, and you will most probably see that you have different entries for the hash algo in the codes.
After research today because an android phone come to my office i find that if i set the time for OPT to 60 sec in policy, iphone set the OTP correctly but not android.