List of published manuals

List of manuals for contractors

IIJ ID Service Manual [For Administrators]

Adding Security Key Types that Can Be Registered/Authenticated

This page describes how to add types of FIDO2 security keys that can be registered and authenticated.

[ Note ]

To restrict the type of FIDO2 security keys that can be registered and authenticated, you need to enable "Restrict the types of registrable/authenticatable security keys."

  1. Click "System" and then "Security Settings."
  2. Click "FIDO2."
  3. Click "Restricted Security Key Setting" in "Security key restriction."
  4. Click "Add Security Key Type to Restrict."

  5. Enter the "AAGUID" of the FIDO2 security key whose registration and authentication are to be allowed, and then click "Add."

    [ Reference ]

    • Refer to "AAGUID" for information on AAGUID.
      If the AAGUID is unknown, it can also be checked by registering the security key with the IIJ ID.Refer to "Registering Security Keys" for more information.
    • Face ID and Touch ID with old versions of iOS do not support AAGUID (IIJ has verified that iOS 15.6 and later support AAGUID).
      To allow these security keys to be used as those that can be registered and authenticated, enter "apple" as the AAGUID.