API Key Registration

This section explains how to register an API key, which is used to access the YubiOn FIDO2 Server Service API from your service.

Info

To perform this procedure, the target RP must be verified. Please ensure the RP’s verification status is ‘Verified’.

API Key Registration

  1. Log in to the Management Console and open the RP screen.

  2. Click on a row in the RP list to view the RP details.

  3. Click the ‘API Key’ tab, then click the ‘Register API Key’ button.

  4. In the API Key Registration window, fill in each field.

    • API auth name A name to identify the API key.

    • API auth type Specify the authentication method to be used with the API key.

      Type Description
      Nonce sign auth Signatures are created and verified using a Nonce (random value) provided by FIDO2ServerService. This is the method with the highest level of security; for each API request, a separate communication to obtain the nonce value is made.
      Datetime sign auth Create and verify signatures using date and time. Compared to Nonce Signature Authentication, this method has a high enough level of security, although theoretically the possibility of replay attacks within a short period of time due to communication eavesdropping occurs. We recommend using this service when you want to reduce various overheads caused by communication to FIDO2ServerService, such as for services with a very large number of users.
      Access key auth Uses a fixed key and verifies if the key matches. This is a simple method.

  5. Click the ‘Register’ button.

  6. API key information will be displayed. Copy and save each item.