FIDO 2.0 method not working with Advanced Authentication

  • 7025261
  • 30-Aug-2021
  • 30-Aug-2021

Environment

Advanced Authentication 6.x

Situation

Unable to authenticate to webpage using FIDO2 method
FIDO 2.0 method does not work for AA login 
Logging in with Yubikey token does not work
eMail token,  other methods work fine

Resolution

Try a different browser or a different device. 

Make sure the FIDO2 device is visible in Windows Device Manager. 

Verify the device is working on a  FIDO 2.0 test page.  For example  https://demo.yubico.com/webauthn-technical/registration 

If the device only fails in Advanced Authentication, enable the debug logs on the Advanced Authentication server and open the Developer Tools in the browser.  Reproduce the issue and save the activity to a HAR file.  Analyze the HAR dump with the AA Server logs.




Additional Information

Advanced Authentication has virtually no settings and therefore nothing to configure to make the Fido 2.0 method work.

The FIDO 2.0 method is implemented in the browser by the browser developers and is specific to the browser that is used.  Each browser writer developed their own support based on the FIDO 2 standard.