Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

Integrating YubiKey "HOTP" With Centrify Identity Platform

8 July,19 at 06:33 PM


The HOTP algorithm specifies an event-based OTP algorithm, where the moving factor is an event counter. HOTP uses a counter which increases each time a code is created and, therefore, is time independent

The following is an end-to-end guide for integrating Yubikeys with the Centrify Identity Service platform using the OATH-HOTP

What would you need


Insert your Yubikey in your USB port as it is a full-featured key with USB contact


Additional capabilities can be reviewed at YubiKey NEO



Configuring the YubiKey

1.     Start the Yubikey Personalization tool

2.     Select OATH-HOTP

3.     Click on the “Advanced” button




1-    Confirm you are within the OATH-HOTP configuration tab

2-    Confirm that the Yubikey is inserted and can be read

3-    Make sure to select “Configuration Slot 2

4-    Untick the “OATH Token Identifier, if it is already selected


5-    Select “6 digits” option

6-    Generate a secret key

7-    A key is generated. Highlight the key and Copy it as it will be used later

8-    Finally write the above configuration to the key

9-    Confirm config is written and no errors are displayed





Integration with Centrify Identity Cloud Platform

Log on to the Centrify Cloud Service as a Cloud Admin user and navigate to the “Settings” tab




1.     Select Authentication

2.     OATH Tokens

3.     Click on the “Bulk Token Import” to open the CSV file for filling the Yubikey token details




Fill in and Complete the bulk import spreadsheet as per the example below. Insure to paste the previously copied HEX key in the appropriate cell.


Save the file, then browse to that file to upload it and click next to complete importing the keys.



You should end up with a similar configuration as below






Additional Configuration required within the Centrify Identity platform



Create your custom “Authentication Profile” to specify the Multi-Factor Authentication profile with the options required


Ensure to select “OATH OTP Client” either on the 1st or 2nd challenge








Enable the login Authentication option


Select the desired Login Profile previously configured






Enable OATH OTP in the Policies Set




Results and Conclusion

Now that all configuration and integration is completed, users can use the Yubikey to login to the Centrify Identity Portal




Start the Centrify portal and provide your login ID and click next to move to the MFA login screen








Touch the Yubikey key for about 3 seconds to generate the counter based HOTP


You should be able to login successfully now to your Centrify Portal environment





We hope this integration guide was helpful. For all other questions on how Centrify can help you consolidate user identities and solve the #1 cause of all cyber-attacks, please contact us at