Versions Compared

Old Version 3

changes.mady.by.user Kim Landis

Saved on

compared with

New Version Current

changes.mady.by.user Aarthi Raghavendra

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Div
classbreadcrumbs

HomeSingle Sign-On and MFAMulti-Factor Authentication / Current: Integrating Yubico OTP

In order to use Yubico OTP as a multi-factor authentication type, you must get an API key from Yubico and register the Client ID and Secret Key generated by Yubico in EmpowerID. Upon successful integration, you can add Yubico OTP to any Password Manager Policy as a multi-factor authentication type.

Style
importhttps://docs.empowerid.com/docs.css

To integrate Yubico OTP
  1. In the Navigation Sidebar, expand Admin, then Miscellaneous and click EmpowerID System Settings.
  2. To obtain Yubico APIKey and ClientID, go to https://upgrade.yubico.com/getapikey/ and enter a valid email address along with the Yubico OTP from any of your YubiKeys.
  3. Search for Yubico. Settings for YubicoOTPApiKey and YubicoOTPClientID appear in the grid.
    Image Removed
    Image Added

  4. From the grid, click the Edit button for the YubicoOTPApiKey setting.
    Image Removed
    Image Added

  5. In the dialog that appears, enter the Secret Key you received from Yubico in the Value field and click Save.
    Image Removed
    Image Added

  6. Back in the grid, click the Edit button for the YubicoOTPClientID setting.
  7. In the dialog that appears, enter the Client ID you received from Yubico in the Value field and click Save.

    Image AddedImage Removed

 Tip
Now that you have registered your Yubico Client ID and Secret Key in EmpowerID, the next step to using it for MFA in EmpowerID is to add it to a Password Manager policy as a multi-factor authentication type. For directions on how to do so, see Assigning MFA Types to Password Manager Policies.
 InfoiconfalsetitleRelated Content