Manage FIDO2 authenticators

Passkey/FIDO2 authentication allows you to connect to your application using a Passkey/FIDO2 token. When you attempt to authenticate, a challenge is sent to the Passkey/FIDO2 token. The Passkey/FIDO2 token signs the challenge with a private key associated with the application to allow you to log in. You can set up your Passkey/FIDO2 token for Passkey/FIDO2 token authentication with password log in or as a passkey if your administrator has enabled passkey (passwordless login).

Note: Passkey/FIDO2 authentication is available using the latest versions of Chrome and Microsoft Edge. Firefox supports FIDO2 authentication but it does not support Passkey. Some versions of Passkey/FIDO2 tokens do not support passkey login.

Add and register a Passkey/FIDO2 token

Passkey/FIDO2 authentication is available using the latest versions of Chrome and Microsoft Edge. Firefox supports FIDO2 authentication but it does not support Passkey. Before you activate your Passkey/FIDO2 token, you must activate your token using the activation method available. This might involve scanning a QR code or inserting the token into your USB drive on your device. If you attempt to authenticate using an unregistered Passkey/FIDO2 token, an error message appears.

Activate a FIDO2 authenticator

1. Before you activate your Passkey/FIDO2 token for passkey authentication, make sure you have your Passkey/FIDO2 capable device ready for authentication. If you are using a USB Passkey/FIDO2 token, ensure that you have inserted the token into the USB port on the device you want to register.

2. In Identity as a Service, go to > My Profile. The My Profile page appears.

3. Click the Authenticators tab. Your list of assigned authenticators appears.

4. Click . A drop-down list of authenticators appears.

5. Select Passkey/FIDO2. The Register Passkey/FIDO2 Token dialog box appears.

6. Enter a name for your Passkey/FIDO2 token. The name must be unique and can be a maximum of 100 characters in length.

7. For Passkey authentication, select Store UserID checkbox.

8. Click Register. Prompts appear on screen. The prompts vary based o the browser you are using. You might be prompted to select to scan a QR code or to use an eternal security key or a built-in sensor.

Note: If you do not respond to the registration prompts within the timeout period, an error message appears. If this happens, click Register again. Also, if the Passkey/FIDO2 token is already registered, an error message appears.

Manage a Passkey/FIDO2 authenticator

Manage FIDO2 authenticators

1. Log in to your Identity as a Service account.

2. Go to My Profile.

3. Click the Authenticators tab. The Authenticators page appears showing your list of authenticators.

Note: You can have multiple Passkey/FIDO2 tokens assigned to you.

4. Click next to the Passkey/FIDO2 authenticator. A drop-down list appears with the following options:

● Enable—Select to enable the Passkey/FIDO2 authenticator and then click Confirm on the dialog box.

● Disable—Select to disable the Passkey/FIDO2 authenticator and then click Confirm on the dialog box.

● Rename—Select to rename the Passkey/FIDO2 authenticator and then click Update on the dialog box. The name must be unique and can contain a maximum of 100 characters.

● View —Selectto view the Passkey/FIDO2 authenticator details.

● Delete—Select to delete the Passkey/FIDO2 authenticator and then click Confirm on the dialog box.

Manage Passkey/FIDO2 authenticators

Add and register a Passkey/FIDO2 token

Manage a Passkey/FIDO2 authenticator