How to Self-Enroll Yubikeys and FIDO2 Keys Using your Existing Entra ID Account

How to Self-Enroll Smartcards and FIDO2 Keys for Entra CBA Using Entra ID and EZCMS

This page will guide you on how to create your passwordless identity, your organization might require you to have a hardware token if you have not requested a hardware token, please request one.

How To Onboard Phishing Resistant FIDO2 and Entra CBA with Existing Microsoft 365 Account

  1. Open the EZCMS Tool.
  2. Login.
  3. Navigate to “Request Identity”.
  4. Select “SSO Login” and click Next. How To Onboard YubiKey To Entra ID
  5. Connect the hardware key or smartcard to your computer.
  6. Select the domain and account you want to create an identity for. Select Domain for Entra CBA Certificate creation
  7. Select the Hardware key you want to use. How To create certificate for Yubikey for Entra CBA
  8. Enter your PIN (If this is the first time it will ask you to confirm your PIN).
  9. Click “Next” Request a Yubikey Certificate for Entra CBA and FIDO2
  10. Follow the instructions on the screen (If it freezes, it might be waiting for input on your YubiKey, look at the YubiKey to see if it is flashing slowly, if it is, press the copper part).
  11. Your Key is now read to use!