FIDO2 and Azure AD - "We couldn’t verify your identity or you are using private mode."

Hi all,

I’m trying to set up Nitrokey FIDO2 for 2FA with Azure AD (Client: macOS 10.15.5). Safari and Firefox don’t even connect to the key. With Chrome I get pretty far: Azure tries to register the key, but then gives me this error: “We couldn’t verify your identity or you are using private mode. Please ensure that you are not in a private browsing window and please try again.”

Info:

  • I’m not in a private window.
  • I have Firmware 2.0.0
  • I disabled attestation on the AAD side

Any suggestions?

Thanks and cheers
Nils

Do you have at least a Premium P1 account for AAD? Looks like that is necessary for MFA …

Thanks for your answer. In my case, I don’t think that’s the problem because I’m trying to enable 2FA for a Global Administrator, which doesn’t require a P1 license (see https://unitfly.com/blog/enable-free-azure-mfa-for-global-administrators/). Also, I can enable SMS- or Authenticator-based 2FA just fine.

Hi @Nils,

Sorry for the delay. This should work now with the latest firmware - 2.3.0. Please update it through update.nitrokey.com or pynitrokey.