New Authentication flow questions

amir · April 24, 2022, 1:03pm

Hi all,

I’m playing with a new browser authentication flow where I need to add the ability to do a login either by OTP authenticator or by a physical device (like Yubikey in our case)

I got a few questions:

What is the difference between WebAuthn Passwordless Authenticator and WebAuthn Authenticator ?
When registering a user - is there a way to force the user to set up an OTP (like google authenticator) OR a physical device (like Yubikey) - so when login in the user will have to enter one of those ?

Thanks !

dasniko · April 25, 2022, 6:22am

No technical differences. It‘s just to policy configuration options, if you want to use WebAuthN for both, 2FA and passwordless. Then you can configure the passwordless policy with stronger rules/settings.
You can do this with Required Actions. In your case you‘ll have to create a custom required action to force the user to setup either of them.

Topic		Replies	Views
2FA with OTP and yubikey Getting advice	0	535	November 17, 2022
Two alternative 2FA methods Getting advice	1	720	November 2, 2022
Ask user to configure OTP on login when not configured Getting advice authentication	5	1125	November 30, 2023
OTP registration on flow A and OTP login on flow B Getting advice authentication	0	54	April 8, 2024
How to enforce 2FA for some roles and make it optional for the others Getting advice authentication	1	725	November 9, 2020

New Authentication flow questions

Related Topics