Forum Discussion

JCld's avatar
JCld
Copper Contributor
May 30, 2026

For me it was a strange situation, because in tenant-1 it worked without issues, but in tenant-2 suddenly this claim of ‘FIDO sign-in being disabled via policy’. 

In my case second Passkey Profile was allowing the new synced passkey type at the targeted group. (Device-bound passkey for all users,)

Registration worked, though slow.

But as others below have experienced, sign-in did not even offer passkey option at first. (Forcing flow via username-free path resulted in the same error as ‘passkey error.png’.)

Ultimately it was offered/preferred, but then it did still not allow. 

This is how the issue was resolved for me:

  • I waited longer than 10 min (side effect of researching this problem).
  • I renamed the Passkey profile.

After that it worked. (Each action could have been factor.)

IF the latter triggered the policy, take away that renaming one passkey profile might be a safer action than disabling and enabling Passkeys for every user.