You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
passkey profiles
About this tag
Passkey profiles are a new feature in Microsoft Entra ID that allows administrators to create multiple, group-scoped FIDO2 passkey policies. This replaces the previous single tenant-wide setting with a flexible, profile-based model. The public preview began in early November 2025, enabling organizations to control which passkey types and providers are allowed for different user groups. The feature also broadens acceptance of attestation formats when enforce attestation is turned off. IT teams should consider implementation and security trade-offs before rollout. This tag covers discussions on configuring passkey profiles, managing FIDO2 controls, and the implications for enterprise security and user authentication.
Microsoft’s Entra ID will let administrators create multiple, group‑scoped passkey profiles — a move that shifts passkey (FIDO2) controls from a single tenant‑wide setting to a flexible, profile-based model and introduces a broader acceptance of attestation formats when Enforce attestation is...