For the end-user to use the FIDO2 security key, the security key first needs to be registered in Azure AD.

First, make sure your browser (like Edge, Chrome, Firefox) supports WebAuthn.

Then, navigate to the following link, and sign in.

Under Security info click Add method.

Pick Security key from the drop-down list and click Add.

Select USB Device.

Click Next.

Insert the FIDO2 security key.
Your PC will redirect you to a new window to finish setup.

Follow the instructions described in the new window.
Click Continue in the pop-up screen.

Create a PIN for this security key and enter the PIN a second time. Click OK.

Touch the Security key.

Give your security key a Name, so you can identify your key, and click Next.

You`re all Set! Registration of the security key is finished.
Click Done.

The security key is listed as one of the sign-in methods.