Securitykey integration failure as follows
- Securitykey registration is complete using "documentDomain":"https://localhost:port" instead of FQDN
- When Auth API is triggered and user login using password as first factor the response from factor/v1/PasswordAuthenticator shows the following 4 options for second factor as defined in the policy
"nextaction": "FACTOR_SELECTION",
"currentFactors": [
"IVROTP",
"SMSOTP",
"SECURITYKEY",
"PUSH"
],
- The Call to /default/auth/v1/SelectedFactor with the following payload --> {"factor":"SECURITYKEY"} results in a response back to Factor selector with the 3 options without the SecurityKey option
"nextaction": "FACTOR_SELECTION",
"currentFactors": [
"IVROTP",
"SMSOTP",
"PUSH"
],
All AuthHub Releases
This is most likely related to the securitykey creds not being found for the Domain or not Valid when used with localhost
Localhost is not supported in the "documentDomain" while performing FIDORegChallengeGenerator .
You must use a valid FQDN in the "documentDomain" and also use the same FQDN when triggering the flow from browser.