PingOne

Configuring FIDO2 authentication (Passkeys)

You can configure FIDO2 devices as an authentication method. FIDO2 devices include passkeys, FIDO2 biometrics, and security keys.

Before you begin

To add FIDO2 as an authentication method, you need:

  • A PingOne environment. The authentication policy should include the relevant MFA policy.

FIDO2 biometrics and security keys are legacy authentication methods and must be updated to support FIDO2 authentication. Learn more: Updating an existing MFA policy to use FIDO2, and for legacy PingID accounts, see Updating a PingID account to use PingOne FIDO2 policy for Passkey support.

About this task

Learn more about FIDO2 authentication in FIDO policies.

Adding FIDO2 as an authentication method involves the following steps:

Steps

  1. Configuring a FIDO2 policy.

  2. Configure the MFA policy to include the FIDO2 authentication method, and include the relevant FIDO2 policy.