Hello All,
I'm trying to set up Yubico NFC keys with my Azure tenant, but unfortunately without success... Probably I'm missing something, so I would like to share all the steps that I'm following; maybe it will also be useful for somebody else in the future.
1. Enable the preview features
2. Enable and configure FIDO2
allow self-service set up - yes
enforce attestation - yes
enforce key restriction policy - yes
restrict specific keys - allow
AAGUID -> 2fc0579f-8113-47ea-b116-bb5a8db9202a, based on this table, since I have a YubiKey 5 NFC with firmware 5.2.4 -> https://support.yubico.com/support/solutions/articles/15000028710-yubikey-hardware-fido2-aaguids
3. Following the official guide here -> https://support.yubico.com/support/solutions/articles/15000024567-using-yubikeys-with-azure-mfa
I've added the OATH with -> ".\ykman.exe oath add t.test@consoto.com " and then added the Base32 key
4. Prepare the csv file for upload to the cloud like this:
upn,serial number,secret key,timeinterval,manufacturer,model
t.test@consoto.com,1234567, 1234567890abcdef1234567890abcdef,60,YubiKey,HardwareKey
5. Upload the file to the Azure portal, and then try to Activate using the Yubikey Authentication app code, but I got this error:
Activating OATH token
Failed to activate the selected OATH token.
I guess I'm missing something, but I don't know what and where; any advice will be appreciated!
BR,
Nick
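
The following pre-upload check is an added example, not part of the original post or of Yubico's or Microsoft's tooling: it validates each CSV row from step 4 and computes the RFC 6238 code for a secret, so the result can be compared with the code the YubiKey shows. It assumes the portal expects a Base32 secret (as step 3 implies) and a 30 or 60 second interval; the rows, the function names and the secret (the RFC 6238 test key) are constructed.

```python
import base64, csv, hashlib, hmac, io, struct

B32 = set("ABCDEFGHIJKLMNOPQRSTUVWXYZ234567=")

# Constructed sample rows; the first secret is the RFC 6238 test key in Base32.
SAMPLE = """upn,serial number,secret key,timeinterval,manufacturer,model
user1@example.com,0000001,GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ,30,YubiKey,HardwareKey
user2@example.com,0000002, 1890abcdef,45,YubiKey,HardwareKey
"""

def totp(secret_b32, unix_time, period, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1) for a Base32 secret at a given time and period."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = struct.pack(">Q", int(unix_time) // period)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def check_row(row):
    """Return the problems found in one CSV row (empty list = none found)."""
    problems = []
    secret = row.get("secret key") or ""
    if secret != secret.strip():
        problems.append("secret key has leading/trailing whitespace")
    bad = sorted(set(secret.strip().upper()) - B32)
    if bad:
        problems.append("secret key has non-Base32 characters: " + "".join(bad))
    else:
        try:
            base64.b32decode(secret.strip(), casefold=True)
        except ValueError:
            problems.append("secret key is not valid Base32 (length/padding)")
    # Assumption: only 30 and 60 second intervals are accepted.
    if (row.get("timeinterval") or "").strip() not in ("30", "60"):
        problems.append("time interval is not 30 or 60")
    return problems

def check_csv(text):
    """Map each upn to the problems found in its row."""
    return {r["upn"]: check_row(r) for r in csv.DictReader(io.StringIO(text))}

if __name__ == "__main__":
    for upn, problems in check_csv(SAMPLE).items():
        print(upn, problems or "ok")
    key = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
    print(totp(key, 59, 30), totp(key, 59, 60))  # same secret, different codes
```

If the code on the key matches the value computed for one interval but not the other, the CSV's time interval differs from the period the credential was created with.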