/
Enable FIDO2 / WebAuthN Support in PortalGuard

Enable FIDO2 / WebAuthN Support in PortalGuard

Owned by Stephen Call (Deactivated)
Last updated: Nov 12, 2021 by Chris deRito (Deactivated)
2 min read

 

 

Problem

Your wish to utilize a FIDO2/WebAuthN token with your PortalGuard website for MFA or Self-Service functionality.

Solution

Enable support for FIDO2/WebAuthN within PortalGuard.

  • Important Note: Adding support for FIDO2/WebAuthN will ALSO add support for standard FIDO Tokens. 

Requirements:

  • Must be using PortalGuard Version 6.2.2.6 or Later

 

  1. Navigate to the PortalGuard server and open an administrative Text Editor (such as NotePad++ or similar)

  2. Edit the following file:

    • “C:\inetpub\PortalGuard\PG_Custom_dotNET_Text.inc”

  3. Navigate to the bottom of the file and edit the boolean labeled "PG_USE_WEBAUTHN":

      • Set this variable to 'true' and save the changes.

  4. Navigate to the PortalGuard Configuration Editor and edit the security policy that applies to the users in need of FIDO2/WebAuthN support.

  5. Navigate to the 'Authentication Methods' -> 'Tokens' tab and check the box labeled 'Allow WebAuthN' under the 'FIDO2 / Web Authentication' header:

    •  

  6. Navigate to the 'Actions' tab, and then navigate to the Sub-Tab for whichever action FIDO2/WebAuthN tokens should be allowed.  For this example, we will enable these tokens for 2FA during a Login action through PortalGuard.

    • Under the 'OTP Methods' tab of your selected Action, ensure 'FIDO2 / WebAuthN' is checked:

  7. Save the Settings to your Security Policy.

  8. Apply and Sync the changes. 

  9. Login to PortalGuard and enroll your token from the Account Management Page:

    •  

Related content