Setup Yubi / Security key FIDO2

Setup Yubi / Security key FIDO2

< 1 min read

Table of Contents

Confirm if you are restricting FIDO2 keys to specific enrollments. If 'Enforce Key Restrictions' is YES you will need to add the Yubikey AAGUIDs

Confirm if you are restricting FIDO2 keys to specific enrollments. If ‘Enforce Key Restrictions’ is YES you will need to add the Yubikey AAGUIDs #

Navigate to Authentication Methods > Policies > FIDO2 > Configure

You can verify your keys information by navigating here: https://www.yubico.com/genuine/ and looking up the GUID via their support table: https://support.yubico.com/hc/en-us/articles/360016648959-YubiKey-hardware-FIDO2-AAGUIDs

Go to https://aka.ms/mfasetup > Add sign-in method

Add security key

Select USB Device

Follow the enrollment wizard

Add your security pin

Press the key

Name the key

What are your Feelings

Still stuck? How can we help?

Updated on August 18, 2025