New Authentication flow questions

Hi all,

I’m playing with a new browser authentication flow where I need to add the ability to do a login either by OTP authenticator or by a physical device (like Yubikey in our case)

I got a few questions:

  1. What is the difference between WebAuthn Passwordless Authenticator and WebAuthn Authenticator ?

  2. When registering a user - is there a way to force the user to set up an OTP (like google authenticator) OR a physical device (like Yubikey) - so when login in the user will have to enter one of those ?

Thanks !

  1. No technical differences. It‘s just to policy configuration options, if you want to use WebAuthN for both, 2FA and passwordless. Then you can configure the passwordless policy with stronger rules/settings.

  2. You can do this with Required Actions. In your case you‘ll have to create a custom required action to force the user to setup either of them.

1 Like