AWS Expands YubiKey Support with AWS SSO WebAuthn Integration

Another win for FIDO at the heels of its first industry conference, Authenticate 2020.  AWS Single Sign-On (SSO) has introduced native WebAuthn support to secure user access to AWS accounts and business applications using strong, FIDO-based multi-factor authentication (MFA) with YubiKeys.  Broader choice of authentication methods by AWS SSO is a win for modern authentication that has historically been limited to username/passwords and basic MFA to validate user access. 

This serves as yet another milestone for Yubico, an Advanced AWS Technology Partner and AWS Public Sector Partner, and the open standards work we’ve pioneered over the past decade

When AWS SSO users authenticate with a YubiKey, the public and private encoded exchange occurs, creating a phishing-resistant connection to commonly used third-party software as a service (SaaS) applications as well as other applications within the AWS ecosystem. The new features in AWS SSO allow administrators to manage access and logins to AWS SSO integrated applications. Administrators can set policies to allow apps to access certain users or groups sourced from AWS SSO or external identity providers (IdPs) such as AWS SSO Identity Store and Microsoft Active Directory. 

Using a YubiKey with AWS SSO increases identity protection, workload administration and simplifies the need to establish user credentials with each application.  Attestation using the YubiKey establishes proof that is tied to the digital you, confirming your access to various cloud based productivity and collaboration applications such as Salesforce, Slack, and Microsoft 365 – eliminating the need to authenticate into each app separately. 

With enforced enrollment features also available on AWS SSO, organizations can prevent unauthorized users from accessing valuable company data by requiring users to add multi-factor authentication methods such as biometrics or security keys.  

This is great news for the AWS and the Yubico ecosystem of app developers, systems integrators, and security administrators who are challenged to secure the organization’s ever-expanding firewall perimeter, while keeping remote workers secure and productive from anywhere, anytime. 

To learn more about protecting AWS SSO with the YubiKey, attend our joint webinar: Modern Authentication to Secure Enterprises: AWS SSO + YubiKeys on December 8th. For developers, read our recent blog: Go passwordless with the new Yubico WebAuthn Starter Kit to build support on WebAuthn. YubiKeys are available at yubico.com/store.

Talk to our teamTalk to our team

Share this article:


  • Piloting Europe’s future ID: Passkeys securing digital walletsOver the last several years, passkeys have become ubiquitous. They are available on every mobile platform, in every leading browser, as part of all major enterprise IAM solutions, and in most major cloud services. Until wwWallet came along, the only place where passkeys hadn’t yet made an impact is in the rapidly developing world of […]Read moredigital identity walletspasskeysSIROSwwWallet
  • We’re excited for what’s to come – meet us in-person to find out whyIt’s been a busy year for our team, filled with exciting company and product updates aimed at better serving our customers and helping them achieve cyber resilience as AI-driven phishing threats continue evolving globally. Between industry award recognitions and key new executive leadership hires to lead Yubico to its next stage of growth and a […]Read more
  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST
  • 2025 Global State of Authentication survey: A world of difference in cybersecurity habitsIn a world that’s more connected than ever, the landscape of cybersecurity threats is constantly evolving. Bad actors, now supercharged with artificial intelligence (AI), are becoming increasingly adept at exploiting human error through sophisticated phishing and social engineering attacks. This makes robust cybersecurity a universal issue, impacting everyone from individuals to the largest global enterprises. […]Read moreGlobal State of Authenticationsurvey