PingID Administration Guide

Configuring FIDO2 authentication method for MFA authentication

To allow users to pair and authenticate using passkeys for MFA (Multi-factor authentication), enable FIDO2 authentication in the admin portal.

About this task

Users must enter their username (and password, if required), and are then prompted to authenticate with their passkey.

To configure passwordless authentication for passkeys using the FIDO2 authentication method, see Configuring passwordless authentication for passkeys.

Steps

  1. Sign on to the admin portal.

  2. Go to Setup → PingID → Configuration.

  3. Go to the Alternate Authentication Methods section, and in the FIDO2 row, select the Enable check box. Screen Capture of the Alternate Authentication Methods section of the Configuration tab, showing the FIDO2 authentication method showing the FIDO2 authentication method

  4. Click Save.

Result

Users can pair and authenticate passkey devices. For examples, see Using Windows Hello for authentication, Using Apple Mac Touch ID for authentication, and Using Android biometrics for authentication in the PingID End User Guide.