![]() Other makes and models can be found here. Note that a complete list of YubiKeys is provided below. Click Add AAGUID and paste in the AAGUID of the security key(s) you want to support.This will effectively block non-compliant security keys during registration. Select ‘Restrict specific keys’ as Allow (whitelist make and model AND disallow any security key type not listed). ![]() For (optional) increased security set ‘Enforce attestation’ and ‘Enforce key restrictions’ to yes also.Make sure ‘Allow self-service set up’ is set to Yes.In the ‘FIDO2 Security Key settings’ view make sure FIDO is enabled (optionally reduce scope) and then click on Configure.Click on FIDO2 Security Key to bring up the settings view.Within the Authentication methods feature, select the Policies blade.In the search bar, type “authentication methods” and hit Enter.Open a browser and navigate to the Azure portal.□Make a note to come back to this part of Azure later to disable less secure authentication methods like the Microsoft Authenticator app. YubiKey 5) are allowed within the organization. The following steps will enable FIDO2 security keys as an authentication method in Azure and optionally restrict what make and models (e.g. Step 1: Enable security key as an authentication method in Azure AD
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |