Skip to main content

FIDO2

FIDO2 type of token works with multi-factor authentication support and provides strong hardware single-factor authentication, 2FA two-factor authentication and Multi-factor authentication. It allows login without the need for a password or even a username using FIDO2 protocols. There areSome devices that support NFC technology or the token needs to be connected to the device, for example via USB-A/C ports (depending on the manufacturer and the technology used). Tokens can be secured using a specified pin for two-factor authentication, or biometrically - fingerprint - again depending on the manufacturer of the token.

Enrollment of the FIDO2 token inis not supported by the Android operating system.


FIDO2 token complete configuration and enrollment procedure in Windows

The FIDO2 token has to be configured in the Windows system for the use in ANT ID first -> PIN and fingerprint (dependsdepending on the type of the FIDO2 token).

If the FIDO2 token is already registered (PIN and/or fingerprint) in Windows then continue to the step 15.

1

Prepare your FIDO2 token and insert it into the USB slot.

2

Open SettingSettings in your Windows and go to the Accounts section. Scroll down and find the Sign-in options menu item.

3

Find the Security key option, expand it and press the MANAGE button.

4

The system will ask the user to touch the inserted token

5

The configuration modal window will be opened

6

FirstThe first step is to set up the Security Key PIN for the FIDO2 token - press buttonthe ADD button.

7

Insert the New security key PIN (twice) and press buttonthe OK button.

8

If the FIDO2 is fingerprint type the fingerprints could be registered.

  • Note: If the FIDO2 token doesn't have a fingerprint reader then the registration in Windows is done and now it's possible to continue with the enrollment of the FIDO2 token in the ANT ID system (step 15).

9

Press the SET UPSETUP button for the configuration of the Security key Fingerprint.

10

Insert the newly set Security key PIN and press the OK button.

11

Touch the fingerprint section of the FIDO2 token wirthwith your choosenchosen finger to register the fingerprints.

12

Repeatedly touch the FIDO2 token with the chosen finger till the complete fingerprint is scanned.

13

When the scanning is completed the successful message will be displayed. Then press the button DONE.

  • Note: there can be more fingers registered within the FIDO2 token

14

The registration of the FIDO2 token for the use within the ANT ID now continuecontinues in the ANT ID application in Selfservice - left the token in the USB slot.

15

Login to Selfservice, go to the ACCOUNTS section - the TOKENS tab is displayed - and press the button NEW [  ] on the right side of the screen.

16

The form for the new token is opened -  choose the FIDO2 from the Token type drop drop-down menu, optionalyoptionally fill in the Description field and press the SAVE button.

  • The names of all tokens are created by the administrator - it may vary.

17

The first registration dialog is opened. Choose the EXTERNAL SECURITY KEY option.

18

Confirm the request from your browser for the your-iamANT ID system - press the OK button.

19

Confirm the next step - information about creating a new record in the FIDO2 token related to Selfservice - press the OK button.

20

Touch the FIDO2.

21

If everything is ok, then the message about successful enrollment of the FIDO2 token is displayed and the new token is now available in the list of tokens. AlsoAlso, this token can be used for the login to the ANT ID.

FIDO2 token enrollment process on mobile devicedevices - only for NFC type of tokens - for iOS only

1

Choose the FIDO2 template from the Token type drop drop-down menu

The template name depends on administratoradministrator's settings


2

Insert the description optionally and press buttonthe SAVE button.

3

Attach the token to the top of the mobile phone to read the NFC token and follow the instructioninstructions of your mobile device:

  1. set the Security key and press CONTINUE
  2. insert PIN for the NFT token and press CONTINUE
  3. leave the token on the top of the mobile to re-read the NFT token

  

4

If everything wasis done correctly then the message about successful enrollment will be displayed and the token iswill be activated.


FIDO2 token enrollment process on mobile devicedevices - only for NFC type of tokens - for iOS only

1

Press the TEST button.


2

The system connects to your token and asks for authentication - fingerprint reading/pin entry (depending on the token type). 

3

If everything is ok, then the successful message will be displayed.
Back to top