When users add any FIDO U2F, 4 Series, or FIPS 4 series, they are unable to see the proper name, and instead, it appears as "Authenticator". The YubiKey works as expected.
- FIDO U2F Security Key
- YubiKey 4 (Series)
- YubiKey FIPS (4 Series)
- Okta Classic Engine
The devices lack FIDO2 AAGUID. Okta is not able to add that information to the dictionary. Therefore, the result is the YubiKey device displayed as "Authenticator" in the user interface.
According to YUBICO, the attestation is done differently without an Authenticator Attestation GUID (AAGUID) (AAGUID was added in FIDO2/WebAuthn). In a WebAuthn call for a U2F authenticator (YubiKey 4 series and Yubico U2F Security Key), a certificate is returned that can be used to verify that it is a genuine YubiKey, but there is no additional information to identify which YubiKey. The same Yubico root certificate is used to sign all attestation data across all versions of YubiKeys.
