<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base

How to Enroll Multiple FIDO2 MFA Options

Last Updated:

Okta Classic Engine
Multi-Factor Authentication

Overview

This article explains how to enable the FIDO2 (WebAuthn) factor and how users can enroll in it.

Applies To

  • Multi-factor Authentication(MFA)
  • Okta Classic Engine

Solution

  1. Navigate to Security > Multifactor.

  2. Activate FIDO2 (WebAuthn) for Classic Engine.
    Select Add Authenticator and add FIDO2 (WebAuthn).

  3. Click on Factor Enrollment.

  4. Make FIDO2 (WebAuthn) either optional / required for the correct policy. If the factor is required, the user will be prompted to enroll in that factor the next time they log in. Otherwise, they will be prompted to they will be given the option to enroll in that factor, but they can skip it. At any point, the user can enroll in that factor from their end-user dashboard.

  5. Click My end user dashboard (from the 4 squares symbol - top right-hand side).

My end user dashboard

  1. Click {My name} and then Settings.

Settings tab

  1. Navigate to the Extra Verification section.

  2. Click Setup for FIDO2.

    1. If enrolling for a fingerprint, continue through the process.

    2. To enroll a security key, click cancel on the fingerprint screen and follow the process.

Extra verification

Recommended content

Still looking for help?
Loading
Okta Support - How to Enroll Multiple FIDO2 MFA Options