Subscribe to PortalGuard's Quarterly Newsletter for News & Updates on the Latest Release! Click to Subscribe

Enable FIDO2 / WebAuthN Support in PortalGuard


Problem

Your wish to utilize a FIDO2/WebAuthN token with your PortalGuard website for MFA or Self-Service functionality.

Solution

Enable support for FIDO2/WebAuthN within PortalGuard.

  • Important Note: Adding support for FIDO2/WebAuthN will ALSO add support for standard FIDO Tokens. 

Requirements:

  • Must be using PortalGuard Version 6.2.2.6 or Later
  1. Navigate to the PortalGuard server and open an administrative Text Editor (such as NotePad++ or similar)
  2. Edit the following file:
    • inetpub\PortalGuard\PG_Custom_dotNET_Text.inc
  3. Navigate to the bottom of the file and edit the boolean labeled "PG_USE_WEBAUTHN":
      • Set this variable to 'true' and save the changes.
  4. Navigate to the PortalGuard Configuration Editor and edit the security policy that applies to the users in need of FIDO2/WebAuthN support.
  5. Navigate to the 'Authentication Methods' -> 'Tokens' tab and check the box labeled 'Allow WebAuthN' under the 'FIDO2 / Web Authentication' header:
  6. Navigate to the 'Actions' tab, and then navigate to the Sub-Tab for whichever action FIDO2/WebAuthN tokens should be allowed.  For this example, we will enable these tokens for 2FA during a Login action through PortalGuard.
    • Under the 'OTP Methods' tab of your selected Action, ensure 'FIDO2 / WebAuthN' is checked:
  7. Save the Settings to your Security Policy.
  8. Apply and Sync the changes. 
  9. Login to PortalGuard and enroll your token from the Account Management Page:

REV. 010/2019 | PortalGuard

  • 108
  • 31-Oct-2019
  • 8 Views