This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Multiple FIDO authenticators per user

Hi!

Is it possible for user to have multiple FIDO keys enrolled?

Or to rephrase my question.

There is a customer who would like to user FIDO keys for authentication.

We have a case where user is working in a controlled environment, where it is hard to bring something with you (clean laboratories).

Idea is that user would have one FIDO key inside that lab (for example stored in a safe inside clean lab) and other one that this employee can use whenever is outside.

But as far as I know user can provision only one FIDO key in AA account portal, right?

Is there some other way somebody can think of? Maybe shared authenticators (never used them)?

Kind regards,

Sebastijan

Kind regards,

Sebastijan

If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

  • Verified Answer

    +1  

    Hello Sebastijan,

    I think you can refer to Event Categories for this:

    Event Categories
    In this policy you can add categories, which can be used in an event to support multiple enrollments
    for a method. For each event, you can specify one category.


    To add a category, perform the following steps:


    1 Click Event categories.
    2 Click Add.
    3 Specify a name and description for the category.
    4 Click Save.
    5 Click Events and edit the required event to specify the category.
    Ensure that users or helpdesk administrators enroll authenticators for the new category.

    NOTE:
    - You can enroll only one authenticator of one type for each category.
    - The Authenticator category option in Events is not displayed when no category is created.
    - The LDAP Password method is an exception. There is one LDAP password authenticator always,
    it can be used with any category.

    Hopefully that cover what you need.

    Thanks.

    Regards,

    Luciano Testa

  • 0   in reply to   

    I've tested it and works like a charm. Thanks!

    Kind regards,

    Sebastijan

    If you found this post useful, give it a “Like” or click on "Verify Answer" under the "More" button

  • 0   in reply to   

    This broke in 6.4.2.1 for me.

    Rodney

    If you found this post useful, give it a "Like" or click on "Verify Answer" under the "More" button.   This helps others.