At Axiad, we said a year ago that FIDO passkeys would likely become the gold standard in enterprise authentication. We were right then, and we’re right now. Consumer companies such as Adobe, Amazon, Apple, and Google have been rapidly adopting passkeys over the past year. Still, enterprise requirements are more complex, so it has taken some time for the FIDO standard to mature and become enterprise ready.

That time has come, with Microsoft launching FIDO2 provisioning APIs for its Entra ID cloud-based identity and access management solution. On August 7th, Microsoft published a blog about the news highlighting Axiad’s involvement in the work along with seven other leading authentication and access providers. We also issued a press release on Axiad Cloud’s integration with these new APIs.

Why is Microsoft FIDO Provisioning API a Big Deal?

Because for the first time, they provide irrefutable proof that FIDO is ready for the enterprise. There’s more to an emerging standard, however, than its maturation. There also has to be an ecosystem of vendors that can support the standard and bring it to life. Axiad Cloud does this by consolidating credentials, including FIDO passkeys, in a single “pane of glass” operational control. This is important because the typical enterprise has multiple identity providers’ systems to manage credentials. This creates siloed, labor intensive, fragmented, and unprotected environments where managing credentials requires IT intervention whenever someone has an update, issue, or request.

Axiad Cloud puts all those credentials in one place, supporting not only FIDO credentials but also public-key infrastructure (PKI)-enabled x.509 certificates. These work together to make Microsoft Entra ID multi factor authentication (MFA) phishing-resistant across enterprise-wide deployments. It also creates a better user experience through self-service credential management that puts end-users “in charge” so they are happier, and they don’t have to waste their time and distract the IT help desk with credentials-based issues. Overall, it takes the pain and complexity out of managing credentials across the enterprise and makes it much easier for organizations to combat the identity-based attacks that plague them today.

Microsoft’s release of FIDO2 provisioning APIs comes at an important time. The U.S. federal government is leading the way in trying to stop identity-based attacks through The White House Executive Order 14028, which mandates that all agency staff, contractors, and partners use phishing-resistant authentication to access systems and applications. This puts agencies under significant time pressure to adopt phishing-resistant MFA. Microsoft is helping them, along with all large enterprises, by providing a solution for implementing and managing FIDO passkeys.

Axiad has long supported the broadest assortment of credentials in the industry, but the Microsoft FIDO2 provisioning APIs for Entra ID change the game. They make FIDO passkeys a reality for every enterprise, large or small. Axiad Cloud supports the consolidated management of these credentials and helps customers deploy phishing-resistant MFA to prevent highly damaging identity-based attacks. We do this alongside the largest software company in the world, making frictionless FIDO passkeys and modern authentication an achievable reality for everyone.