Authenticating using FIDO2 tokens. Successful authentication redirects the user to configured destination and marks the session "authenticated".


Name Description Default value Mandatory
successURL The URL to redirect the browser to after successful authentication. Yes
loginTemplate Template to use for user interface. fido2.template No
includeQueryString Enable to append query string (passed to authenticator) to successURL. false No
userNameParamName Name of the username request attribute. username No
pipeID Id of the pipe to execute after successful token validation. The pipe must return a single item. N/A Yes
allowLanguageChange Enable or disable language change. Set true to allow language change. No

Example Configuration

    "alias" : "fidoAuth",
    "name" : "Fido2Authenticator",
    "configuration" : {
      "successURL" : "/config/",
      "pipeID" : "uservalidationpipe"
    "id" : "fidoAuth"


Authenticator knows the following localisation keys:

  • login.messages.username
  • login.messages.signin


At least one FIDO token enrolled to the user authenticating.