Add FIDO2 support to Astiga account

CambionnCambionn Member
edited November 29 in Feature requests

Title kinda says it all. Option to add FIDO2 (or U2F) MFA (like yubikeys) to an Astiga account. Preferably both the option to have it next to OTP (useful for not having to grab a phone, convenience) or instead of OTP (useful for added security).

Post edited by Cambionn on

Comments

  • gravelldgravelld Administrator

    Nice - do you have a reference service that does this so I can understand the UX/flow?

  • CambionnCambionn Member
    edited November 29

    There is one here: https://developers.yubico.com/WebAuthn/WebAuthn_Developer_Guide/

    I'm looking for the "Second factor: Username + password + FIDO2" credential flow (or the U2F version of that flow), but others might appreciate other options. Yubico (maker of Yubikey) and the FIDO Alliance have some decent documentation.

    Note that FIDO2 and U2F are open standards. Implementing this would allow any hardware key to be used, not only those bought from Yubico (they are just the most famous), which is cool.

    Post edited by Cambionn on
Sign In or Register to comment.