Once YubiKey Authenticator is enabled, users are authenticated first through their AD domain credentials, and next through the one-time passcode (OTP) generated by the YubiKey Authenticator.
- The firewall should have the outbound connections listed below:
- Get the Client ID and Secret Key from the YubiKey website by following the steps below:
- Go to https://upgrade.yubico.com/getapikey.
- Enter your email address. Connect the Yubikey to your workstation or server and enter the YubiKey OTP.
- Select the I've read and accepted the Terms and Conditions option. Click Get API Key.
- Copy the displayed Secret Key.
Steps for YubiKey Authenticator verification:
Go to Configuration → Self-Service → Multi-factor Authentication → Authenticators Setup.
- Select the policy for which YubiKey Authenticator is to be configured from the drop-down
- Click YubiKey Authenticator section.
Enter the Client ID and the Secret Key from step 2 of the prerequisites.
Note: You can choose to enforce multiple configurations for different users based on their domain, group, or OU membership, or simply apply one YubiKey Authenticator setting for all users..
Your request has been submitted to the ADSelfService Plus technical support team. Our technical support people will assist you at the earliest.
Need technical assistance?
Enter your email ID
Talk to experts