How to add a security key
Before adding a security key (WebAuthn), check if you already have at least one authentication code (TOTP) registered and one of the following:
a physical security key (so-called "key fob")
a device with a security key function
an application which serves as a security key (e.g. tpm-fido or a password manager with passkey function)
Decide which security key option to use (we recommend creating a security key for all your devices). If you're not sure which option to choose for each device, you can try our Which MFA is right for me? MFA Guide .
More information about the different types of security keys can be found here:
How to set up security keys in ProxyIdp:
1
Open the Token Management System
2
Make sure that you already have at least one verification code device (TOTP) enrolled and have your backup codes generated. If not, enroll verification code () and generate backup codes (), then continue to the next step.
3
Click the Enroll Token button.
4
Select the security key option and enter a description (e.g. key‑fob manufacturer or phone model). The description serves only as your name for the token.
Continue with the Continue button.
5
A dialogue box (system or browser) will appear, prompting you to confirm.
Take the appropriate action depending on the type of security key:
6
If the registration was successful, you will be informed that the token is enrolled. Click the Finish button.
You can add any number of additional verification codes or security keys. We strongly recommend the registration of at least two devices.
Support: perun@cesnet.cz