Login

This section describes how to log in to the YubiOn FIDO2 Server Service management website.

Info

You must be registered as an administrator to log in to the management website.

Operation Procedure (E-mail address)

This is a login method in which passkey authentication is performed after the login ID is entered.

  1. Access the Login screen of the YubiOn FIDO2 Server Service management website.

  2. Enter your registered e-mail address in the e-mail address field. login login

    Conditional UI

    The email address input form also supports passkey login using Conditional UI (Autofill).
    If your browser supports the Conditional UI feature, you can select an available passkey when you click on the email address input field.
    To use this feature, you must record your ID information in your credentials when registering your passkey (Discoverable Credential).

  3. Click the “Login” button.

  4. Select a passkey. The passkey authentication function implemented in the OS and browser will be called up. Follow the instructions to authenticate your passkey.

    Types of passkeys

    The usage method varies depending on the OS and browser, but in most cases, the following usage methods are available.

    • Internal authenticator of the device you are using
      The passkey is stored inside the device you are using (such as a PC). This is called a platform authenticator.
      During registration and authentication, you will be asked to authenticate using the authentication mechanism (such as a fingerprint sensor) built into the device, or by entering a PIN.
      Depending on the OS and browser implementation, the passkey may be stored as a synchronized passkey using an account provided by the OS vendor (e.g., Apple Account, Google Account).

    • Security key
      The passkey is stored within a security key provided by various security vendors. This is also referred to as a cross-platform authenticator or roaming authenticator.
      During registration and authentication, you will be prompted to authenticate using the fingerprint sensor built into the security key or via PIN authentication.
      While USB-connected devices are the mainstream option, there are also devices that connect to the device using BLE or NFC.

    • Smartphone/Tablet
      Passkeys are stored on a smartphone or tablet other than the device being used. This is called hybrid authentication.
      During registration and authentication, a QR code displayed on the device being used is scanned with a smartphone to store the passkey on the smartphone.
      Authentication is required using the authentication mechanism built into the smartphone (fingerprint sensor, face recognition, etc.) or a PIN.
      Depending on the implementation of the smartphone OS, the passkey may be stored as a synchronized passkey using an account provided by the OS vendor (e.g., Apple Account, Google Account).

    • Passkey Provider
      If you are using a service that provides synchronized passkeys, you can store the passkey in the account of that service.
      For more details, please refer to the manual of each passkey provider service.

  5. After successful authentication, you will be redirected to the Dashboard screen.

Operation Procedure (Login with the discoverable credentials)

This is a login method that omits the entry of the login ID and uses the ID recorded in the passkey.

Info

This login requires that ID information be recorded in the credential at the time of passkey registration (Discoverable Credential).

  1. Access the Login screen of the YubiOn FIDO2 Server Service management website.

  2. Click the “Login with the discoverable credentials” button. login login

  3. Select a passkey. The passkey authentication function implemented in the OS and browser will be called up. Follow the instructions to authenticate your passkey.

    Types of passkeys

    The usage method varies depending on the OS and browser, but in most cases, the following usage methods are available.

    • Internal authenticator of the device you are using
      The passkey is stored inside the device you are using (such as a PC). This is called a platform authenticator.
      During registration and authentication, you will be asked to authenticate using the authentication mechanism (such as a fingerprint sensor) built into the device, or by entering a PIN.
      Depending on the OS and browser implementation, the passkey may be stored as a synchronized passkey using an account provided by the OS vendor (e.g., Apple Account, Google Account).

    • Security key
      The passkey is stored within a security key provided by various security vendors. This is also referred to as a cross-platform authenticator or roaming authenticator.
      During registration and authentication, you will be prompted to authenticate using the fingerprint sensor built into the security key or via PIN authentication.
      While USB-connected devices are the mainstream option, there are also devices that connect to the device using BLE or NFC.

    • Smartphone/Tablet
      Passkeys are stored on a smartphone or tablet other than the device being used. This is called hybrid authentication.
      During registration and authentication, a QR code displayed on the device being used is scanned with a smartphone to store the passkey on the smartphone.
      Authentication is required using the authentication mechanism built into the smartphone (fingerprint sensor, face recognition, etc.) or a PIN.
      Depending on the implementation of the smartphone OS, the passkey may be stored as a synchronized passkey using an account provided by the OS vendor (e.g., Apple Account, Google Account).

    • Passkey Provider
      If you are using a service that provides synchronized passkeys, you can store the passkey in the account of that service.
      For more details, please refer to the manual of each passkey provider service.

  4. If multiple IDs are registered, select an ID.
    If only one ID is registered in the passkey, this step is skipped.

  5. After successful authentication, you will be redirected to the Dashboard screen.