Skip to main content
Skip table of contents

Entra or Azure AD (AAD) - Workstation Setup

Azure AD (AAD) Setup

  1. Sign into your Azure portal as an administrator.

  2. Browse to Microsoft ID Entra > Security > Authentication methods > FIDO2 Security Key (Preview).

  3. Under the method FIDO2 Security Key, set the following options and save the configuration:

    1. Enable - Yes or No.

    2. Target - All users or Select users.

    3. Enforce attestation – Set to No.

Entra Azure AD setup screen

Prepare End User Devices

Setting up User Devices

End user devices require the latest Microsoft operating system and VeroGuard’s Serenity Companion Service. If the device you are preparing does not have Bluetooth, please install the USB BT adaptor provided with the VeroCard when completing end user set-up.

Update all Devices to 20H2 (minimum)

Hybrid Azure AD joined devices must run Windows 10 version 2004 or newer.

Serenity Companion Service

Run the Serenity Companion installer package which will set the service to run in the background, enabling the VeroCard to securely communicate with VeroGuard via the PC’s Bluetooth connection. You can find the installer at Downloads section.

If Windows defender or your Antivirus software shows an alert, please select the option to Install anyway.

The Serenity Companion installer will enable security keys for Windows sign-in as described in the Microsoft technical articles by adding the following key to the registry during installation:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Policies\PassportForWork\SecurityKey - UseSecurityKeyForSignin – REG_DWORD = 0x00000001

Connecting and Activating VeroCard

The following sections can be completed by end users; however, certain tasks, such as setting a PIN, must be done by the end user only. Users can refer to the VeroCard User Guide for assistance. For more information on this, refer to Set your PIN section.

Before a VeroCard can be used for authentication, it must be paired with a PC. Pairing the VeroCard follows the same procedure as pairing any other Bluetooth device and requires passcode confirmation for added security.

Activation is the process by which VeroGuard links the device to the VeroGuard Platform, ensures its security status, and allows the end user to set their secret PIN.

When you first power on your VeroCard, it will display the message Ready for Activation below the VeroCard number.

The VeroCard keypad is deactivated while it is on the charger. Make sure to remove your VeroCard from the charger when performing any activities. You can return it to the charger in between if needed.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close