This document discusses using Yubico Yubikey as an authentication factor for OneLogin.
Note: If OTP is required for all users and a user is under that security policy, the user is prompted to register the device at the first successful login.
To register a Yubikey as a user, do the following:
- Go to the corner menu and select Profile > Security Factors.
- In the Security page, click Add Factor.
- Select Yubikey from the popup menu.
- Insert the Yubikey into your workstation and press the button. This injects the Yubikey ID into the device registration pane.
- Your registered device appears under Authentication Devices in the security page, with the first 12 characters of the Yubikey ID. Confirm with your administrator how the OTP policy for users is set, whether its for every single login attempt or only for browsers unknown to the user account.
- Upon logging in, the user will be prompted for their Yubikey Security Code. Insert the Yubikey and press the button to inject the security code.
- Click Log In.
The user will be logged in and their Yubikey MFA successfully configured.