Integrating Yubico OTP

In order to use Yubico OTP as a multi-factor authentication type, you must get an API key from Yubico and register the Client ID and Secret Key generated by Yubico in EmpowerID. Upon successful integration, you can add Yubico OTP to any Password Manager Policy as a multi-factor authentication type.


To integrate Yubico OTP

  1. In the Navigation Sidebar, expand Admin, then Miscellaneous and click EmpowerID System Settings.
  2. To obtain Yubico APIKey and ClientID, go to https://upgrade.yubico.com/getapikey/ and enter a valid email address along with the Yubico OTP from any of your YubiKeys.
  3. Search for Yubico. Settings for YubicoOTPApiKey and YubicoOTPClientID appear in the grid.



  4. From the grid, click the Edit button for the YubicoOTPApiKey setting.



  5. In the dialog that appears, enter the Secret Key you received from Yubico in the Value field and click Save.



  6. Back in the grid, click the Edit button for the YubicoOTPClientID setting.
  7. In the dialog that appears, enter the Client ID you received from Yubico in the Value field and click Save.


Now that you have registered your Yubico Client ID and Secret Key in EmpowerID, the next step to using it for MFA in EmpowerID is to add it to a Password Manager policy as a multi-factor authentication type. For directions on how to do so, see Assigning MFA Types to Password Manager Policies.