fido2 support with firefox on linux

Question

We are testing fido2 login for Entra and on linux with firefox and a Yubikey 5 NFC we were able to enroll the hardware token without issue. On login we are not presented with the option to use a security security key. If we forge the user agent as chrome we are presented with the option and are able to login passwordless with firefox on linux.

It appears Entra ID has an allow list of user agents for fido2 and Firefox on Linux needs to get added to the list. Our test system was Firefox 127.0, PopOS 22.04, Yubikey 5 NFC.

Answer

Hello @Brian Engert,

Thank you for posting your query on Microsoft Q&A.

Based on your description, I understand that you are testing FIDO2 key login on Linux devices using the Firefox browser. You mentioned that when using Firefox on Linux, you are not presented with the option to use a security key. However, when using Chrome on a Linux OS device, you do see the option to use a security key. Please correct me if I am wrong.

Currently, using Firefox on Linux is not supported for FIDO2 authentication with Microsoft Entra ID. This is why Entra ID does not present the option to use a security key when logging in with Firefox on Linux. Only Chrome on Linux is supported. Please refer to the screenshot and documentation below.

User's image

Reference Documentation: Web browser support

I hope this information is helpful. Please feel free to reach out if you have any further questions.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Appreciate if you could share the feedback on our feedback channel. Which would be open for the user community to upvote & comment on. This allows our product teams to effectively prioritize your request against our existing feature backlog and gives insight into the potential impact of implementing the suggested feature.

Thanks,
Raja Pothuraju.

Share via

fido2 support with firefox on linux

1 answer