FIDO2 security keys for M365 MFA have been working at my firm eSolia for over a year. Enabling an Entra conditional access policy to require “phishing resistant MFA” for admins (aka FIDO2 keys!), caused an endless loop of pain.