What is Passkey in ServiceNow MFA? How to enable and configure it?

kack l
Tera Expert

Hi Community,

I am currently working on ServiceNow Multi-Factor Authentication (MFA) and I see that Passkey (WebAuthn/FIDO2) is one of the supported authentication methods.

I would like to confirm:

  1. What exactly is Passkey in ServiceNow?

    • Is it simply another name for WebAuthn/FIDO2, or is it different?

  2. How to enable Passkey in ServiceNow?

    • Do we need to activate any specific plugins?

    • Is there any system property we must configure?

  3. How to set it up for users?

    • For example, can users register their device’s biometric authentication (Windows Hello, Touch ID, Face ID, etc.) as Passkey?

    • Where do users go in the UI to register Passkeys?

  4. Any environment requirements?

    • Supported browsers?

    • HTTPS required?

    • Anything else we should be aware of?

If anyone has already implemented Passkey in ServiceNow MFA, I would really appreciate your guidance or best practices.

Thanks in advance!

5 REPLIES

Mark Manders
Mega Patron

Which version are you on? 

I upgraded the instance of a client recently (to Yokohama) and was prompted to add MFA (since non-SSO logins require MFA), and I was able to create a passkey there when I was prompted to set up my MFA. We didn't do anything else but upgrade to Yokohama, and no extra plugins were installed.

I can now log in through my fingerprint (or MFA app on my phone as backup).


Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark

Hello, thank you.

I am currently using the Yokohama release. When configuring MFA, I see the option for “Passkeys.”

Does this refer to using platform authenticators such as Windows Hello on PC, Face ID/Touch ID on iPhone/iPad, or fingerprint/PIN on Android devices as an MFA method, in addition to hardware security keys like YubiKey?

Thank you.

Rafael Batistot
Tera Sage

Hi @kack l 

 

1 - ServiceNow's MFA supports verification methods such as Authenticator App, Fast IDentity Online 2 (FIDO2), Passkey, and Time-based One-Time Password (OTP). Following are the details of available verification methods:

 

2 - Enable the Integration – Web Authentication (WebAuthn/FIDO2) plugin (com.snc.integration.webauthn). 

Navigate to System Applications → All Available Applications → All, search for the plugin, then Install and Activate it (requires admin role)

 

 

3 - Go to Multi-Factor Authentication → Properties. Enable the system property glide.webauthn.enabled to turn on FIDO2-based MFA options (hardware key, biometrics, passkeys).


4 - The browser must support WebAuthn/FIDO2; most modern ones do: Chrome, Firefox, Edge, Safari.


References

https://www.servicenow.com/docs/bundle/yokohama-platform-security/page/integrate/authentication/conc...

 

https://www.servicenow.com/community/platform-privacy-security-blog/enforce-multi-factor-authenticat...

Thank you for your answer. Passkeys belong to FIDO. In the Yokohama release, does “Hardware Security Key or Passkey” include the option [iPhone, iPad, or Android device]?