SOLVED

Fido2 Key will not show up in security updates

%3CLINGO-SUB%20id%3D%22lingo-sub-1888066%22%20slang%3D%22en-US%22%3EFido2%20Key%20will%20not%20show%20up%20in%20security%20updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1888066%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3Ei%20am%20trying%20to%20configure%20my%20yubikey%20to%20login%20to%20Azure%20AD.%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Yubi03.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F233624i0E4CD47AB55359B7%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Yubi03.png%22%20alt%3D%22Yubi03.png%22%20%2F%3E%3C%2FSPAN%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Yubi03.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F233625iFEF0B71FD307087E%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22Yubi03.png%22%20alt%3D%22Yubi03.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EBut%20the%20selection%20Yubikey%20does%20not%20appear%20in%20my%20security%20updates.%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Yubi01.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F233623i749BB0F834917BE2%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Yubi01.png%22%20alt%3D%22Yubi01.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CDIV%20class%3D%22mceNonEditable%20lia-copypaste-placeholder%22%3E%26nbsp%3B%3C%2FDIV%3E%3CP%3ERegards%3C%2FP%3E%3CP%3EStefan%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1888066%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20Active%20Directory%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMulti-Factor%20Authentication%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1888127%22%20slang%3D%22en-US%22%3ERe%3A%20Fido2%20Key%20will%20not%20show%20up%20in%20security%20updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1888127%22%20slang%3D%22en-US%22%3EStefan%2C%20did%20you%20also%20enable%20the%20Fido2%20authentication%20option%20for%20that%20user%20within%20the%20authentication%20option%3F%3CBR%20%2F%3E%3CBR%20%2F%3EEnable%20FIDO2%20security%20key%20method%3CBR%20%2F%3E1.%20Sign%20in%20to%20the%20Azure%20portal.%3CBR%20%2F%3E2.%20Browse%20to%20Azure%20Active%20Directory%20%26gt%3B%20Security%20%26gt%3B%20Authentication%20methods%20%26gt%3B%20Authentication%20method%20policy%20(Preview).%3CBR%20%2F%3E3.%20Under%20the%20method%20FIDO2%20Security%20Key%2C%20choose%20the%20following%20options%3A%3CBR%20%2F%3EEnable%20-%20Yes%20or%20No%3CBR%20%2F%3ETarget%20-%20All%20users%20or%20Select%20users%3CBR%20%2F%3E4.%20Save%20the%20configuration.%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1888155%22%20slang%3D%22en-US%22%3ERe%3A%20Fido2%20Key%20will%20not%20show%20up%20in%20security%20updates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1888155%22%20slang%3D%22en-US%22%3EAnother%20requirement%20is%20that%20the%20user%20already%20has%20one%20other%20authentication%20method%20registered.%20Otherwise%20the%20FIDO2%20option%20will%20not%20show.%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fauthentication%2Fhowto-authentication-passwordless-security-key%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fauthentication%2Fhowto-authentication-passwordless-security-key%3C%2FA%3E%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E
Regular Contributor

Hello,

i am trying to configure my yubikey to login to Azure AD.

Yubi03.pngYubi03.png

But the selection Yubikey does not appear in my security updates.

Yubi01.png

 

Regards

Stefan

5 Replies
Stefan, did you also enable the Fido2 authentication option for that user within the authentication option?

Enable FIDO2 security key method
1. Sign in to the Azure portal.
2. Browse to Azure Active Directory > Security > Authentication methods > Authentication method policy (Preview).
3. Under the method FIDO2 Security Key, choose the following options:
Enable - Yes or No
Target - All users or Select users
4. Save the configuration.

@Ruud Gijsbers 

 

Thanks for your respons.

I enable the Fido2 authentication option.

 

Yubi02.png

Another requirement is that the user already has one other authentication method registered. Otherwise the FIDO2 option will not show.
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-password...
best response confirmed by Stefan Kießig (Regular Contributor)
Solution

@Ruud Gijsbers 

 

I found the solution.

MS told me that is a bug in azure AD, 

 

fido.png

The button "Allow self-service set up" is missing. 

Hello Stefan,

Do you have any update regarding this case? I am trying to setup fido2 again for the same user (after resetting security key) and for new users and have the same issue, the security key method is not listed in the security info.

I am just wondering if it started working for you already.

Regards,
Bart