Hello everybody,
what I would like to achieve is a login via a FIDO2-certified key to a windows10 PC running the PrivacyIdea Credential Provider.
To test, I enrolled a U2F token for a user using a FIDO2-certified key. PrivacyIdea ackwnoledges the registration of the key without any problems and the user can login to the PrivacyIdea web interface using his key. Wonderful.
If the same user now tries to login to his PC running the Credential Provider, he inserts his username and password first, the credential provider sends this info to the PrivacyIdea server which in turn starts the trigger/challenge process and asks the user to make use of his security key to complete the login.
The problem is that the login process is never completed even after the key has been inserted and its button pushed. The Credential Provider keeps displaying a 2FA input field with a message that says to use the registered key to complete the login.
My question is, does the Credential Provider fully support challenge response tokens?
PS: The Credential Provider works wonderfully with a TOTP token.
Many thanks in advance.