Univention Bugzilla – Bug 51933
Support FIDO2 standard for user authentication
Last modified: 2021-07-06 10:38:11 CEST
Customers made a feature proposal to support the FIDO 2 standard for user authentication in UCS. Fido 2 is described here https://loginwithfido.com/ and here https://fidoalliance.org/fido2/. See Ticket#2020070621000524
privacyIDEA supports FIDO2 token management as a 2nd factor for the user. Thus, using the privacyIDEA SAML plugin for simpleSAMLphp you could add FIDO2 to the UMC/IdP. However, we still need to add the authentication code into the simpleSAMLphp Plugin here: https://github.com/privacyidea/simplesamlphp-module-privacyidea However, this is definitively less coding effort than adding the complete registration and management functionality, which is already covered by privacyIDEA.
Customer asked for 2FA at TT 2020-11-19/20