Passkeys administration
This section provides an overview of the Passkeys Administration features available in the Veridium Manager. It covers the Entra connector configuration, the passkeys configuration, and the passkey policy.
Entra connector
This section of the Veridium Manager allows you to configure integration with Microsoft Entra ID using the Microsoft Graph API. It enables secure communication between the Veridium platform and Microsoft services for managing authentication-related tasks.

Configuration Fields Explained
Enabled
Toggle to enable or disable the Microsoft Graph integration.
HTTP Debug Enabled
Optional toggle to activate verbose debugging logs for HTTP requests to Microsoft Graph (useful for troubleshooting).
Client ID*
The Application (client) ID from your Entra app registration.
Tenant ID*
The Directory (tenant) ID from your Entra application.
FIDO2 Creation Options Challenge Timeout (minutes)
Specifies how long a FIDO2 registration challenge remains valid. This value should align with your organization’s security policy.
Client Secret
The application’s client secret generated in Entra. Required for authentication unless a certificate is used. Secrets starting with 8* may be ignored depending on your deployment.
Client Certificate
Upload a client certificate for secure authentication.
Actions
Validate Certificate
Verifies the uploaded client certificate before you save the configuration.
Test Connection
Sends a test request to Microsoft Graph to confirm the settings are working properly.
For production environments, it is strongly recommended to use a client certificate instead of a client secret for authenticating with Microsoft Graph. Certificate-based authentication offers improved security and better key management.
Authentication method
This section allows you to configure the Relying Party ID (RP ID) and Relying Party Origin (RP Origin) for each supported type of passkey.
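The following Python example is added here for illustration and is not Veridium code or part of the original page. It shows how an RP ID and RP Origin pair relate under the WebAuthn rules: a consistency check for the configured pair, and the two server-side checks that bind a response to it. The function names and sample values are constructed, only web (https) origins are covered, and the domain check does not consult the Public Suffix List.

```python
import hashlib
import json
from urllib.parse import urlsplit


def check_rp_config(rp_id: str, rp_origin: str) -> list:
    """Return the problems found in an RP ID / RP Origin pair (empty list = OK)."""
    problems = []
    url = urlsplit(rp_origin)
    host = (url.hostname or "").lower()
    rp_id = rp_id.lower()
    if url.scheme != "https":
        problems.append("origin must use https")
    if url.path or url.query or url.fragment:
        problems.append("origin must be scheme://host[:port] with nothing after it")
    if "." not in rp_id:
        # Simplification: a complete check consults the Public Suffix List.
        problems.append("RP ID must be a registrable domain, not a single label")
    if host != rp_id and not host.endswith("." + rp_id):
        problems.append("RP ID is neither the origin host nor a parent domain of it")
    return problems


def verify_rp_binding(client_data_json: bytes, auth_data: bytes,
                      rp_id: str, rp_origin: str) -> bool:
    """Checks that tie a WebAuthn response to the configured relying party."""
    origin_ok = json.loads(client_data_json).get("origin") == rp_origin
    # Authenticator data begins with the 32-byte SHA-256 hash of the RP ID.
    rp_hash_ok = auth_data[:32] == hashlib.sha256(rp_id.encode()).digest()
    return origin_ok and rp_hash_ok


# Constructed sample values (not taken from the product or the page).
RP_ID = "example.com"
RP_ORIGIN = "https://login.example.com"
SAMPLE_CLIENT_DATA = json.dumps(
    {"type": "webauthn.get", "challenge": "Y29uc3RydWN0ZWQ", "origin": RP_ORIGIN}
).encode()
# rpIdHash (32 bytes) + flags (UP|UV) + signature counter (4 bytes)
SAMPLE_AUTH_DATA = hashlib.sha256(RP_ID.encode()).digest() + b"\x05" + (1).to_bytes(4, "big")

if __name__ == "__main__":
    print(check_rp_config(RP_ID, RP_ORIGIN))
    print(check_rp_config(RP_ID, "http://login.example.com/"))
    print(verify_rp_binding(SAMPLE_CLIENT_DATA, SAMPLE_AUTH_DATA, RP_ID, RP_ORIGIN))
```

A pair that fails `check_rp_config` will cause registrations to be rejected by the browser or by the server-side origin and RP ID hash checks, so it is worth validating the values before saving them.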


Policy

This section contains the Entra Passkey and Passkey policies, which orchestrate the registration of passkeys.