Yubico OATH integration

This document describes the integration of Yubico OATH keys.

Prerequisites

  • Prepare the system for hardware token import (see the document "Import hardware tokens")
  • Run a scenario that includes token authentication, depending on your needs (SAML, OIDC, RADIUS, API, etc.)
  • Run the scenario for PhenixID Self Service to enable enrollment of tokens

Configure the authentication for YubiKeys

Locate the token validation execution flow for your authentication scenario. Locate the TokenValidationValve and add the lines below marked as bold/red.

{
  "name" : "TokenValidationValve",
  "config" : {
    "provided_otp_param_name" : "{{request.User-Password}}",
    "check_yubikey" : "true",
    "otp_length" : "6"
  }
}

Note: otp_length must match the length of the OTP that the YubiKey tokens provide.
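
Why the length has to match, shown as an added example (not PhenixID code, and not a description of how TokenValidationValve is implemented): it assumes the YubiKey slot is programmed for OATH-HOTP as defined in RFC 4226. The `validate` function and its `window` parameter are hypothetical, and the secret is the public RFC 4226 test key.

```python
import hashlib
import hmac
import struct

# Constructed sample data: the public RFC 4226 test secret, not a real token seed.
RFC4226_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int) -> str:
    """Compute an OATH-HOTP value (RFC 4226) with the given number of digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def validate(secret, counter, provided_otp, otp_length, window=3):
    """Hypothetical validator: returns the next counter on success, else None.

    otp_length plays the role of the valve's otp_length setting.
    """
    well_formed = provided_otp.isascii() and provided_otp.isdigit()
    if len(provided_otp) != otp_length or not well_formed:
        return None  # length mismatch: rejected before any HMAC comparison
    for c in range(counter, counter + window + 1):
        if hmac.compare_digest(hotp(secret, c, otp_length), provided_otp):
            return c + 1  # advance past the used counter to block replay
    return None


if __name__ == "__main__":
    six = hotp(RFC4226_SECRET, 0, 6)
    eight = hotp(RFC4226_SECRET, 0, 8)
    print("token set to 6 digits:", six)
    print("token set to 8 digits:", eight)
    print("8-digit OTP, otp_length=6:", validate(RFC4226_SECRET, 0, eight, 6))
    print("8-digit OTP, otp_length=8:", validate(RFC4226_SECRET, 0, eight, 8))
```

A token programmed for 8 digits is rejected by a validator set to 6 even though the seed and counter are correct, so a mismatch shows up as every OTP from that token failing.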