FIDO2 redirection allows applications running on the agent to access FIDO2 authenticators attached to client endpoints.
FIDO 2 stands for Fast Identity Online 2. This feature is installed automatically on supported client and agent machines. It is not an optional feature.
To use FIDO2 devices in a nested mode setup, use USB redirection in the first hop and FIDO2 redirection in the second hop. This mixed USB/FIDO2 redirection in nested mode does not support RDS hosts as the first hop.
You can collect logs on the client and agent using DCT. See Using DCT to Collect Logs for Remote Desktop Features and Components in the Horizon Administration guide.
| Client | Remote Desktop | RDS Host |
|---|---|---|
| Windows | FIDO2 authenticators are supported using FIDO2 redirection | FIDO2 authenticators are supported using FIDO2 redirection |
| Linux, Mac, Android | USB FIDO2 authenticators are supported using USB redirection | USB FIDO2 authenticators are supported using USB redirection |
| Web | USB FIDO2 authenticators are supported using USB redirection | USB FIDO2 authenticators are supported using USB redirection Chrome browser only (Run as Administrator) |
System Requirements for FIDO2 Redirection
| System | Requirements |
|---|---|
| Device | FIDO2 enabled security keys |
| Client machine operating system |
|
| Agent machine operating system |
|
Using Group Policy Settings to Configure FIDO2 Redirection
You can configure FIDO2 redirection by editing the group policy settings. See VMware View Agent Configuration ADMX Template Settings.
