VIP AuthHub - SECURITYKEY integration failure
search cancel

VIP AuthHub - SECURITYKEY integration failure

book

Article ID: 380934

calendar_today

Updated On:

Products

VIP Authentication Hub

Issue/Introduction

Securitykey integration failure as follows

- Securitykey registration is complete using     "documentDomain":"https://localhost:port"  instead of FQDN 

- When Auth API is triggered and user login using password as first factor the response from factor/v1/PasswordAuthenticator shows the following 4 options for second factor as defined in the policy 

"nextaction": "FACTOR_SELECTION",
    "currentFactors": [
        "IVROTP",
        "SMSOTP",
        "SECURITYKEY",
        "PUSH"
    ],

 

- The Call to /default/auth/v1/SelectedFactor with the following payload --> {"factor":"SECURITYKEY"}    results in a response back to Factor selector with the 3 options without the SecurityKey option 

"nextaction": "FACTOR_SELECTION",
    "currentFactors": [
        "IVROTP",
        "SMSOTP",
        "PUSH"
    ],

Environment

All AuthHub Releases

Cause

This is most likely related to the securitykey creds not being found for the Domain or not Valid when used with localhost

Resolution

Localhost is not supported in the  "documentDomain"  while performing FIDORegChallengeGenerator .

You must use a valid FQDN  in the "documentDomain"  and also use the same FQDN when triggering the flow from browser.