In order to let users authenticate using their Yubikeys, it needs to be configured as an identity service in Authentication Web. This procedure assumes that the administrator also has a registered Yubikey they can authenticate with.
- Go to the Yubico API key signup page.
- Input the administrator email address and the Yubikey OTP, then click Get API key. A Client ID and a Secret Key are displayed on the page.
- In Authentication Web, go to Identity Services, and click on the configuration icon next to Yubikey in the list.
- Enter the Client ID and Secret key you just generated in the Yubico client ID and Yubico client secret fields, respectively.
- Generate another Yubikey OTP and enter it in the OTP code field.
- Click Save to save the configuration