YubiKey Authentication Support

This feature is applicable for Pulse Secure Desktop Client on Linux and macOS only.

YubiKey is a hardware token for Multifactor Authentication that supports OTP, with plans to adopt modern authentication approaches such as FIDO U2F with single security key.

On Linux systems, Chromium Embedded Framework (CEF) is used as the embedded browser for custom sign-in, SAML Authentication to work with FIDO U2F. On PCS, enable “Enable embedded browser for authentication” option in Connections settings for Pulse Unified Client to launch CEF for sign in.

On MAC systems, Chromium Embedded Framework (CEF) is used as the embedded browser SAML Authentication to work with FIDO U2F. On PCS, enable “Enable FIDO2 U2F for SAML authentication” option on the connection set.

Unified Pulse Client integrates YubiKey for MFA with CEF to redirect to the IDP such as Azure AD and Okta.

To set up YubiKey for authentication and install CEF browser, use the following procedure.

1.Launch Unified Pulse Client application and select a connection and click Connect.

 

2.An authentication confirmation window appears. Click OK to continue.

3.A CEF download confirmation window appears, click OK to download and install CEF browser.

The CEF downloads automatically. The installation progress and status displays. Ensure not to initiate any other connection when CEF installation is in progress.

4.On successful installation of CEF Browser, YubiKey authentication window appears.
Enter Username and Password to Sign In if already registered. If not registered, registration page displays.

 

5.On “Set up multifactor authentication” window, click Configure factor.

6.On “Set up security key or biometric authenticator” window, click Enroll.

7.On “Set up multifactor authentication” window, check the enrolled factors and click Finish.

8.The connection is established and the connection details display.