You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
close

Looking for the Diagnostic Utility?

Click Here For Download and Usage Instructions

Enable FIDO2 / WebAuthN Support in PortalGuard


Problem

Your wish to utilize a FIDO2/WebAuthN token with your PortalGuard website for MFA or Self-Service functionality.

Solution

Enable support for FIDO2/WebAuthN within PortalGuard.

  • Important Note: Adding support for FIDO2/WebAuthN will ALSO add support for standard FIDO Tokens. 

Requirements:

  • Must be using PortalGuard Version 6.2.2.6 or Later
  1. Navigate to the PortalGuard server and open an administrative Text Editor (such as NotePad++ or similar)
  2. Edit the following file:
    • inetpub\PortalGuard\PG_Custom_dotNET_Text.inc
  3. Navigate to the bottom of the file and edit the boolean labeled "PG_USE_WEBAUTHN":
      • Set this variable to 'true' and save the changes.
  4. Navigate to the PortalGuard Configuration Editor and edit the security policy that applies to the users in need of FIDO2/WebAuthN support.
  5. Navigate to the 'Authentication Methods' -> 'Tokens' tab and check the box labeled 'Allow WebAuthN' under the 'FIDO2 / Web Authentication' header:
  6. Navigate to the 'Actions' tab, and then navigate to the Sub-Tab for whichever action FIDO2/WebAuthN tokens should be allowed.  For this example, we will enable these tokens for 2FA during a Login action through PortalGuard.
    • Under the 'OTP Methods' tab of your selected Action, ensure 'FIDO2 / WebAuthN' is checked:
  7. Save the Settings to your Security Policy.
  8. Apply and Sync the changes. 
  9. Login to PortalGuard and enroll your token from the Account Management Page:

REV. 010/2019 | PortalGuard

  • 108
  • 31-Oct-2019
  • 302 Views