Yubikey Authentication Support

Yubikey is a hardware token for Multifactor Authentication that supports OTP, with plans to adopt modern authentication approaches such as FIDO U2F with single security key.

Chromium Embedded Framework (CEF) is used as the embedded browser for custom sign-in, SAML Authentication on Linux to work with FIDO U2F.

Ivanti Secure Access Client integrates Yubikey for MFA with CEF to redirect to the IDP such as Netflix and Okta.

On ICS, enable "Enable embedded browser for authentication" option in Connections settings for Ivanti Secure Access Client to launch CEF for sign in.

To set up Yubikey for authentication and install CEF browser, use the following procedure.

  1. Launch Ivanti Secure Access Client application and select a connection and click Connect.

  1. An authentication confirmation window appears. Click OK to continue.

  1. A CEF download confirmation window appears, click OK to download and install CEF browser.

The installation progress and status displays. Ensure not to initiate any other connection when CEF installation is in progress.

  1. On successful installation of CEF Browser, Yubikey authentication window appears.
    Enter Username and Password to Sign In if already registered. If not registered, registration page displays.

  1. On “Set up multifactor authentication” window, click Configure factor.

  1. On “Set up security key or biometric authenticator” window, click Enroll.

  1. On “Set up multifactor authentication” window, check the enrolled factors and click Finish.

The connection is established and the connection details display.