Use case: FIDO passkey self-service for end users
This article shows an example of how end-users can manage their FIDO passkeys.
The following screenshot shows the full self-service feature set for end users:
Function | Purpose |
|---|---|
Add | This function allows the users to add additional FIDO passkeys to the account. |
Delete | This function allows the users to remove a FIDO passkey from their account irrevocably. There is a configuration option that can prevent the deletion of the last FIDO passkey from the account. |
Rename | To identify a FIDO token, the user can assign and change the display name for the passkey. This display name is not to be confused with the AAGUID used to identify the model and make of the device. The AAGUID is a technical ID. In the self-service, the model and make of the passkey is displayed as the header for every device. |
Enable/Disable | This function allows the users to temporarily disable and later re-enable a FIDO passkey. |
Exit Page | This function allows the users to leave this page and return to a configurable URL. |
Further information and links
- See FIDO passkey management self-service configuration for more information on how to configure the FIDO self-service management UI
- See FIDO authentication (WebAuthn, U2F, CTAP) for a general introduction of FIDO.