Our situation:
When enrolling android devices in Microsoft Intune, our configuration requires users to approve their sign in using the Microsoft Authenticator solution. This can be done using the Microsoft Authenticator app; or by answering an incoming call from Microsoft (on their mobile phone); and approve the sign in by pressing the # key.

Users have both authentication methods (app & phone number) configured in the MS Authenticator configuration.

We are re-enrolling alot of Android devices, which requires the user to perform a factory reset first.
During this factory reset; the Microsoft Authenticator app is removed; leaving the "authenticate by phone" as their last option to perform multi factor authentication.

Our problem:

• Users have only a single device, which is being factory reset. This wipes the Microsoft Authenticator app.
• User (re-)enrolls the device in Intune by tapping the welcome screen multiple times; and scan the QR code.
• During Intune enrollment, user is asked to sign in using corporate credentials
• Afther signing in, user must use multifactor authentication to approve the signin attempt 
• Since the authenticator app is not installed yet; user can only use the "approve by phone" option to approve the sign in
• The call from Microsoft comes in and can be picked up, but the # key is not working to approve the signin request. 

A secondary phone (with Microsoft Authenticator or a different phone number) is required to approve the sign in.
Workaround 1: use another phone, put in on speaker, and press the #key; this allows the signin to be approved.
Workaround 2: configure MS authenticator app on another phone

Please note: ater the enrollment is fully completed; the # key DOES work in the dialer to approve future sign-in attempts. 

Question:
How can we get the # key to work during this phase of the enrollment?