This feature is available in DualShield v6.7 or later
FIDO security keys can be enrolled by the administrators using the Admin Console.
In the Admin Console, find the user account
In the Domain list, select the domain that you want to work on, e.g. DeepnetMFA.com
If you click the "Search" button, it will list all users in the entire directory up to the query limit.
To narrow down your search, click the "Filter" button
Enter the user's login name, e.g. 2FA, then click the "Search" button (You can change the search filter or add more filters)
Open the user's token management panel by selecting "Tokens" from the user's context menu
Click the REGISTER button on the toolbar in the token management panel
Select FIDO2 in the Product/Model list
Click the "REGISTER" button
You will see a couple of security prompts as below
FIDO2 security key is optionally protected by a PIN. You will be prompted to enter the key's PIN:
Finally, you will be prompted to touch the key:
Make sure that you touch the key as soon as possible. Otherwise, it will time out shortly.
Once you have touched the key, the key will be enrolled into the user's account:
Now, the key is ready to be used by the user.