Skip to main content

Provision YubiKey OATH HOTP device (Help Desk)

Intended audience: Administrators

As an administrator, you can provision a YubiKey OATH HOTP device for an end user in your organization.

The process explained in this topic might vary, depending your configuration settings.

Prerequisites

  • Programmed YubiKey as described in Program YubiKeys to generate OATH HOTP passcodes

  • Device ID - This is stamped on the YubiKey device and obtained from the configuration log (PSKC) file under <SerialNo>

  • Secret key - The secret key for the associated YubiKey device in the configuration log file (PSKC) file under <Secret><PlainValue>

Provisioning YubiKey in the Identity Platform

Follow these steps to provision and assign a YubiKey OATH HOTP device for an end user in your organization.

  1. Open the Account Management (Help Desk) page.

  2. Enter your administrator username and authenticate to the Help Desk page.

  3. Enter the username of the account to which you want to associate and provision a YubiKey OATH HOTP device. Click Get User.

  4. In the OTP devices section, click Assign a device.

  5. In the Add OATH Device dialog, enter the following information.

    Device ID

    The device ID stamped on the YubiKey device and obtained from the configuration log (PSKC) file under <SerialNo>.

    Secret Key

    The secret key for the associated YubiKey device in the configuration log file (PSKC) file under <Secret><PlainValue>.

    Note

    If there is more than one entry in the configuration log (PSKC) file, be sure to use the latest plain value saved for this YubiKey device.

    Counter

    Set the counter to 0 (zero).

  6. Click Add Device.

    The YubiKey OATH HOTP device displays with the associated device ID, along with the date and time it was added to the user account.