Hi there,
I have a bit of a different case here. We have configured an environment with Azure AD joined Windows 10 (22H2) devices and enabled FIDO2 authentication. We use YubiKey and Swissbit iShield tokens with touch. Only one private key is enrolled into each token. Everything works fine as long as only one token is plugged into the Windows machine. But things go wrong when two or more tokens are inserted. After the PIN for the selected account is entered, the login screen shows "Touch your security key to sign in". That is expected; however, the incorrect token might start flashing, waiting for a tap. So, you can select an account on the left side of the screen, then enter the PIN for the corresponding token, and on the next step Windows might ask you to tap another one, which apparently ends up in failure. I'm not even sure whether this case is supported. I haven't found anything in the official documentation.
Has anyone tried this use case?