Hello!
When I try to link the Nitrokey FIDO2 to my Azure AD account, the following message appears:
We detected that this particular key type has been blocked by your organization. Contact your administrator for more details and try registering a different type of key.
I followed this guide: How to enable FIDO2 password-less authentication with Microsoft Azure AD for use with Windows 10 and SaaS web apps - JasonSamuel.com
Is there anything else that needs to be configured?
Regards
Fabian
Hi!
AFAIR the organization administrator has to change some domain settings. I do not remember the details at the moment.
jan
December 16, 2019, 6:58pm
Presumably “Enforce Attestation” has to be disabled in AAD.
By the way, in my opinion the best and most up-to-date guide is this one from Microsoft itself.
Hello jan
Exactly this setting works, thanks!
Will Nitrokey appear in this list, so that this option might no longer need to be disabled?
Regards
Fabian
@jan I think it is possible to provide a custom list of accepted device models, is that right?
jan
December 29, 2019, 10:46am
It’s possible to disable attestation enforcement (see screenshot above) but not to provide a custom attestation list.
Does Nitrokey plan to become a Microsoft-compatible FIDO2 security key vendor?
I suppose filling out this form is enough because the security keys are already FIDO certified.
I attached the latest screenshots from Entra with the needed option in English:
German screenshot will follow because I am just allowed to add one picture.