One Identity Safeguard for Privileged Sessions 6.9.3 - YubiKey Multi-Factor Authentication

Chat now with support

Get Live Help
Complete Registration

Sign In

Request Pricing

Contact Sales

One Identity Safeguard for Privileged Sessions 6.9.3 - YubiKey Multi-Factor Authentication - Overview

Introduction How SPS and YubiKey work together in detail Technical requirements

[USERMAPPING]

By default, SPS assumes that the external YubiKey identity of the user is the same as the gateway username (that is, the username the user used to authenticate on SPS during the gateway authentication). If there was no gateway authentication, then the server username is used for authentication.

The gateway usernames are different from the external YubiKey identities, you must configure the SPS YubiKey plugin to map the gateway usernames to the external YubiKey identities.

The external identity is the YubiKey Public ID, which is 12 lowercase letters.

You can use the following methods:

Explicit mapping: [usermapping source=explicit]
LDAP server mapping: [usermapping source=ldap]

To look up the external YubiKey identity of the user from an LDAP/Active Directory database, configure the [usermapping source=ldap_server] section of the SPS YubiKey plugin.

The Explicit method has priority over the LDAP server method.

If you have configured neither the append_domain parameter nor any of the [USERMAPPING] sections, SPS assumes that the external YubiKey identity of the user is the same as the gateway username.

Please select your product:

To serve you better, please complete the Purpose of your Chat:

Recommended Solutions for Your Problem

One Identity Safeguard for Privileged Sessions 6.9.3 - YubiKey Multi-Factor Authentication - Overview

[USERMAPPING]