.
A discovery document for FIDO2 is published by the Gluu Server at: https://<hostname>/.well-known/fido2-configuration
This document specifies the URL of the registration and authentication endpoints.
During Janssen installation, the administrator will have the option to also install the FIDO2 component.
FIDO2 stores device credentials in the same persistence mechanism used by the Janssen deployment.
FIDO2 device enrollment happens automatically during the first authentication attempt.
All subsequent FIDO2 authentications for that user account will require the enrolled FIDO2 key.
A user's FIDO2 devices can be removed by a Gluu administrator in LDAP under the user entry as shown in the below screenshot.