Navigate to previous Previous Topic Next Topic Navigate to next

YubiKey Authenticator

Note: YubiKey Authenticatior is an advanced authenticator available as part of the Professional edition of ADSelfService Plus.

ADSelfService Plus supports the YubiKey 5 series, YubiKey 5 FIPS series, and YubiKey 5 CSPN series as well as the Yubico OTP protocol for authentication.

Once YubiKey Authenticator is enabled, users are authenticated first through their AD domain credentials, and next through the one-time passcode (OTP) generated by the YubiKey Authenticator.

Prerequisite

  1. The firewall should have the outbound connections listed below:
    • https://api.yubico.com/wsapi/2.0/verify
    • https://api2.yubico.com/wsapi/2.0/verify
    • https://api3.yubico.com/wsapi/2.0/verify
    • https://api4.yubico.com/wsapi/2.0/verify
    • https://api5.yubico.com/wsapi/2.0/verify
  2. Get the Client ID and Secret Key from the YubiKey website by following the steps below:
    • Go to https://upgrade.yubico.com/getapikey.
    • Enter your email address. Connect the YubiKey to your workstation or server and enter the YubiKey OTP.
    • Select the I've read and accepted the Terms and Conditions option. Click Get API Key.
    • Copy the displayed Secret Key.

Steps for YubiKey Authenticator verification

  1. Go to Configuration > Self-Service > Multi-factor Authentication > Authenticators Setup.
  2. Select the policy for which YubiKey Authenticator is to be configured from the drop-down.
  3. Click the YubiKey Authenticator section.
  4. Enter the Client ID and the Secret Key from step 2 of the prerequisites.

    5. Yubikey

  5. Click Save.

Yubikey Confirm MSG

Note: You can choose to enforce multiple configurations for different users based on their domain, group, or OU membership, or simply apply one YubiKey Authenticator setting for all users.

Navigate to previous Previous Topic Next Topic Navigate to next

Thanks!

Your request has been submitted to the ADSelfService Plus technical support team. Our technical support people will assist you at the earliest.

 

Need technical assistance?

  • Enter your email ID
  • Talk to experts
  •  
     
  •  
  • By clicking 'Talk to experts' you agree to processing of personal data according to the Privacy Policy.

Don't see what you're looking for?

  •  

    Visit our community

    Post your questions in the forum.

     
  •  

    Request additional resources

    Send us your requirements.

     
  •  

    Need implementation assistance?

    Try onboarding

     

Copyright © 2024, ZOHO Corp. All Rights Reserved.