In this tenant, I have Yubikey and Microsoft Authenticator passkey registered. The FIDO2 authentication policy by default allows all types, in this post I tested limiting those devices.
https://winsa2.blogspot.com/p/restricting-passkeysfido2-devices.htmlMore info on FIDO2 attestation
https://winsa2.blogspot.com/p/dig-little-deeper-onto-passkeyfido.html
No comments:
Post a Comment