These steps will guide you through setting up Yubico Yubikey as an authentication factor for OneLogin.
- You own a Yubico Yubikey (currently support both YubiKey 4 and YubiKey 4 Nano).
- Your administrator has enabled Yubico as an authentication method for the account.
Note: If OTP is required for all users and a user is under that security policy, the user will be prompted to register the device at the first successful login.
To register a Yubikey as a user, do the following:
- Go to the corner menu and select Profile > Security.
- In the Security page, select the plus sign ‘+’ to add a new authentication factor.
- Select Yubikey from the dropdown menu.
- Insert the Yubikey into your workstation and press the button.
This will inject the Yubikey ID into the device registration pane.
- Your registered device will appear under Authentication Devices in the security page, with the first 12 characters of the Yubikey ID.
Confirm with your administrator how the OTP policy for users is set, whether its for every single login attempt or only for browsers unknown to the user account.
- Upon logging in, the user will be prompted for their Yubikey Security Code.
- Insert the Yubikey and press the button to inject the security code.
- Click Log In.
The user will be logged in and their Yubikey MFA successfully configured.