Problem is that if the app that doesn't work is not fungible (see your gym app, your banking app, your community app, etc) then you are out. The best compromise is to have a backup phone for incompatible non-fungible apps

Just looked - Microsoft Authenticator doesn't appear to work. I might be able to get off of it but it will take some prep. My banks are supported so that's good.

Why would you use Microsoft Authenticator when there are hundreds of other apps that manage OTPs?

Use aegis https://f-droid.org/packages/com.beemdevelopment.aegis/

Because many admins are horrible and disable TOTP for "security".

My uni does it and I've had use the only alternative option, cell call, and rigged Tasker to automatically answered and play the needed tone so I don't need to carry it with me.

Good question. That was for my MS account/licenses and some Azure stuff. I use Google Authenticator for most things.

Thanks for the link, I'll take a look. I might just move it to a secondary device first.

Microsoft authenticator should work on GOS, I can only find single person saying it doesn't but there's plenty of reasons it might not work for them (vpn, too strict exploit protection settings). And there's multiple people mentioning it working fine.

Microsoft Authenticator works on my GrapheneOS (I have the Play Services, not sure if it matters).