# Authorization on the HES server via a FIDO key

On the Hideez Enterprise Server, both administrators and users can authenticate using the following options:

* [Password-based](/use-cases/fido-security-key/using-hideez-key-as-u2f-security-key-for-your-two-factor-authentication.md) login with hardware Hideez Keys as a second Factor (FIDO U2F).
* [Passwordless login](#passwordless-login) with hardware Hideez Keys (FIDO/WebAuthn).
* [Password-based login](/use-cases/fido-security-key/using-hideez-key-as-u2f-security-key-for-your-two-factor-authentication.md) with [hardware security keys by other vendors](/use-cases/fido-security-key/other-vendors-hardware-keys.md) as a second Factor (FIDO U2F).
* [Passwordless login](#passwordless-login) using [third-party hardware security keys (FIDO/WebAuthn).](/use-cases/fido-security-key/other-vendors-hardware-keys.md)
* [Login with the Hideez Authenticator mobile app](https://authenticator.hideez.com/) (Biometric passwordless login/two-factor authentication) – available on Android and iOS.
* [Platform authentication](/hideez-enterprise-server/administration/platform-authentication-on-the-hes-server.md) using Windows, macOS, iOS, or Android.
* [Authentication using Passkeys.](https://fidoalliance.org/passkeys/)

You can configure FIDO key authentication on HES, using either an external FIDO key or a platform security key. Additionally, FIDO2 attestation can be enabled to ensure the device's authenticity and disable platform keys if necessary.

{% hint style="info" %}
**Platform keys** allow users to authenticate using built-in device features like **Touch ID**, **Face ID**, or **Windows Hello** for easier logins.
{% endhint %}

### Step 1. Adding a key <a href="#shag-1-dobavlenie-klyucha" id="shag-1-dobavlenie-klyucha"></a>

1. In the upper-right corner of the window, click the **profile icon** and select **Profile** from the drop-down list.

   <figure><img src="/files/Z4qPYByJAgx6HrSqHSxS" alt="" width="563"><figcaption></figcaption></figure>

2. Go to the **Security Keys** section and click **Add FIDO2 Authenticator**.

<figure><img src="/files/oHj8AiBlnrdSwXlymj15" alt="" width="563"><figcaption></figcaption></figure>

3. Choose the type of key and click **Next**.

<figure><img src="/files/8CT3Ol2frtOZUGPwfo77" alt="" width="375"><figcaption></figcaption></figure>

4. Follow the on-screen instructions for your FIDO key:

* For **Hideez Keys**, refer to the specific [guide](/quick-start-guides/fido2-and-u2f-authentication-guide.md).
* For **platform security keys**, follow the [relevant instructions](https://enterprise.hideez.com/hideez-enterprise-server/administration/platform-authentication-on-the-hes-server).

You can add multiple keys if needed.

### Step 2. Authorization via the FIDO key. <a href="#shag-2-avtorizaciya-s-pomoshyu-fido-klyucha" id="shag-2-avtorizaciya-s-pomoshyu-fido-klyucha"></a>

#### **Passwordless Login**

If your key was registered without the "Use Passwordless" option:

1. Enter your email address.

<figure><img src="/files/KqeuZBF0ZhAXBpXuiEoT" alt="" width="263"><figcaption></figcaption></figure>

2. Select the **Sign in with a security key** option.
3. Follow the on-screen instructions:

   * Insert your FIDO key.

   <figure><img src="/files/fGJxvNQDdnRkyztc2Ve1" alt="" width="275"><figcaption></figcaption></figure>

   * Enter your PIN code.

   <img src="/files/IwvWxr0QBW3PIk9ZUQhk" alt="" width="375">

   * When the green LED flashes, press the button on the key.

   ![](/files/HYaxsOkBfg2fleT7n8hQ) ![](/files/cKGlIgGk3GhfGWgkLiRj)

You will then be authorized on the HES server.

#### **User nameless Login**

If your key was registered with the "Use User nameless" option:

1. Select the **Sign in with a security key** option.

<figure><img src="/files/kipSDpHXgvAQyOKSjiHf" alt="" width="266"><figcaption></figcaption></figure>

2. Follow the on-screen instructions:

* Insert your FIDO key.

<figure><img src="/files/fGJxvNQDdnRkyztc2Ve1" alt="" width="275"><figcaption></figcaption></figure>

* Enter your PIN code.

<img src="/files/IwvWxr0QBW3PIk9ZUQhk" alt="" width="375">

* When the green LED flashes, press the button on the key.

![](/files/HYaxsOkBfg2fleT7n8hQ) ![](/files/cKGlIgGk3GhfGWgkLiRj)

#### Step 3: Managing Your Keys

You can manage your registered keys by renaming or deleting them using the corresponding buttons in the **Security Keys** section.

***

{% hint style="info" %}
This process simplifies user authentication while ensuring security through FIDO key integration on the Hideez Enterprise Server.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://enterprise.hideez.com/hideez-enterprise-server/administration/authorization-on-the-hes-server-via-a-fido-key.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.