Enable FIDO2 authentication

FIDO2 is an authentication standard hosted by FIDO Alliance. This standard includes the Web Authentication ("WebAuthn") API, which is a specification written by the World Wide Web Consortium (W3C) and FIDO, with participation from additional third parties. The WebAuthn API is backward compatible with Universal 2nd Factor (U2F) keys.

CyberArk leverages the WebAuthn API to enable passwordless authentication to the CyberArk Identity using either external or on-device authenticators.

Single-factor FIDO2 authenticators are something you have. Examples are external authenticators like security keys that you plug into the device's USB port; for example, a YubiKey.

Refer to NIST 800-63b for more information about single-factor cryptographic devices.

Supported multi-factor FIDO2 authenticators are something you are. Popular examples are biometric authenticators integrated into device hardware, such as Mac Touch ID, Windows Hello, and fingerprint scanners.

Refer to NIST 800-63b for more information about multi-factor cryptographic devices.

Refer to https://webauthn.io/ and https://fidoalliance.org/fido2/ for more information about WebAuthn and FIDO2, respectively.