The FIDO2(WebAuthn) factor is registered per domain in cases where there are two domains: a custom domain and the default one. The factor must be registered on both domains.

• Okta Identity Engine (OIE)
• Multi-factor Authentication (MFA)
• WebAuthn

1. Log in to https://[domain].okta.com or custom domain URL.
2. Enter the username and password, then Sign In.
3. The user will be prompted for MFA. Use any available MFA that is set to be optional, except YubiKey.
4. In the upper right corner, click Settings.
5. Under Security Methods > Security Key or Biometric, click Set up Another.
   
    
6. The user will then be prompted again to validate the account.
7. Select Setup.
    
    

8. The user will be prompted to create a passkey for the current URL they are logged into. Click Continue.
   

9. Additional Security Key or Biometric should now be added.
    

Related References

• Configure the FIDO2 (WebAuthn) authenticator