@Vladyslav Bondarchuk Thank you for reaching out to us, As I understand you want to have end users to register FIDO2 security key as sign in method without the need to install Microsoft Authenticator app.
As far I know, its not possible, You must register first Authenticator app and then FIDO2, but the authenticator couldn´t be removed as it is a backup method. But you could use authentication strength to enforce FIDO2 - https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-strengths
Same has been documented under requirements section - https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-enable-passkey-fido2
Let me know if you have any further questions, feel free to post back.
Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.