![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 60%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENN%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 30%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGP%3C/text%3E%3C/svg%3E)
Hello @Naveen Nisad ,
Thank you reaching out Microsoft Q&A.
I understand you want to use external USB device(Yubikey device) inside AVD so MFA can be done.
Azure Virtual Desktop supports in-session passwordless authentication using Windows hello for business or security devices like FIDO keys when using the Windows desktop client. Passwordless authentication is enabled automatically when the session host and local PC are using the following operating systems:
- Windows 11 single or multi-session with the 2022-10 Cumulative Updates for Windows 11 (KB5018418) or later installed.
- Windows 10 single or multi-session, versions 20H2 or later with the 2022-10 Cumulative Updates for Windows 10 (KB5018410) or later installed.
- Windows Server 2022 with the 2022-10 Cumulative Update for Microsoft server operating system (KB5018421) or later installed.
Check with the default host pool property as per the below image:
When enabled, all WebAuthn requests in the session are redirected to the local PC. You can use Windows Hello for Business or locally attached security devices to complete the authentication process. If the redirectwebauthn is not enabled you can enable by following the document: https://learn.microsoft.com/en-us/azure/virtual-desktop/redirection-configure-webauthn?tabs=intune&pivots=azure-virtual-desktop
For additional information follow: https://learn.microsoft.com/en-us/azure/virtual-desktop/authentication#in-session-authentication
Hope this helps. Do let us know if you any further queries.
If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Regards,
Goutam Pratti.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 24%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYV%3C/text%3E%3C/svg%3E)