What's the Nitrokey FIDO2 AAGUID?

Nils · March 31, 2020, 10:46am

Hi all,

I’ve been trying to set up Azure Authentication with the FIDO2 key on MacOS. Safari did not work due to what seemed to be UI issues, Firefox is displayed by Azure as not compatible, and when I try Chrome, I get this message: “We detected that this particular key type has been blocked by your organisation. Contact your administrator for more details and try registering a different type of key.”

I did not block any key types though (“Enforce key restrictions” is set to No in the AAD tenant settings). Now I want to try whitelisting the Nitrokey, but have so far been unsuccessful in finding the device’s AAGUID.

Can someone help me with that? AFAIU, the AAGUID is model-specific, not token specific, so the manufacturer should have this info.

Thanks and cheers
Nils

szszszsz · March 31, 2020, 11:00am

Hi @Nils !

At the moment AAGUID is not set in the certficate, sorry (ticket nitrokey-fido2-firmware#28). This will be done before the next firmware release.

Connected: Nitrokey FIDO2 AAGUID for

Best,
Szczepan

Nils · March 31, 2020, 11:11am

Hi Szczepan,

thanks for your quick reply. Will it be possible to upgrade the firmware?

Thanks and cheers
Nils

szszszsz · March 31, 2020, 11:22am

Yes, firmware update is possible, and we plan to have it available once the next firmware is released.