Skip to content

FIDO U2F#

Attention

The official support end-of-life (EOL) date for Gluu Server 2.4.4 is December 31, 2018. Starting January 1, 2019, no further security updates or bug-fixes will be provided for Gluu Server 2.X. We strongly recommend upgrading to the newest version.

This script enables multi-factor authentication with any FIDO U2F device. Learn more about the U2F standard here. For a list of U2F compliant devices for sale, check Amazon.

Some well known U2F device manufacturers include:
- Yubico
- HyperFIDO
- Feitian Technologies

Overview#

The script has the following properties

Property Description Example
u2f_server_uri URL of the u2f server https://idp.gluu.info
u2f_server_metadata_uri URL of the u2f server metadata https://idp.gluu.info

Configure U2F#

Follow the steps below to configure the U2F module in the oxTrust Admin GUI.

  1. Navigate to Configuration > Manage Custom Scripts.

  2. Click on the Person Authentication tab person-auth

  3. Select the U2F script u2f-script
  4. Enable the script by ticking the check box enable
  5. Click Update
  6. Change the Default Authentication Method to u2f u2f