Product Documentation

A normal FIDO user performs various operations using skfsclient, such as registration, authentication, authorization, getting key information, updating key information, and deleting keys.

  1. Open a terminal window.

  2. Change directory where skfsclient.jar is present.

    shell> cd /usr/local/strongkey/skfsclient
  3. Execute sample client to view usage by using the following command:
    shell> java -jar skfsclient.jar

    Output

    $ example:~/skfsclient> java -jar skfsclient.jar 
    
    Copyright (c) 2001-2024 StrongAuth, Inc. All rights reserved.

    Command: R (registration) | A (authentication) | G (getkeysinfo) | U (updatekeyinfo) | D (deregister)
    java -jar skfsclient.jar R <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <username> <origin> <crossorigin>
    java -jar skfsclient.jar A <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <username> <origin> <authcounter> <crossorigin> <saml>
    java -jar skfsclient.jar DA <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <origin> <authcounter> <crossorigin> <saml> <credential id> <iterations>
    java -jar skfsclient.jar AZ <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <username> <txid> <txpayload> <origin> <authcounter> <crossorigin> <verify>
    java -jar skfsclient.jar G <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <username>
    java -jar skfsclient.jar U <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <keyid> <displayname> <status>
    java -jar skfsclient.jar D <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <keyid>

 

Here is a brief description of each argument used with skfsclient:

Value

Explanation

did

Unique domain identifier that belongs to SKCE

hostport

Host and port to access the FIDO SOAP and REST formats:

http://<FQDN>:<non-ssl-portnumber> or

https://<FQDN>:<ssl-portnumber>

Example: https://fidodemo.strongauth.com:8181

wsprotocol

Web socket protocol: [ REST | SOAP ]

authtype

Authentication type: [ PASSWORD ]

svcusername

Username used for PASSWORD-based authorization.

svcpassword

Password used for PASSWORD-based authorization.

username

Username for registration, authentication, or getkeysinfo.

origin

Origin to be used by the FIDO Client Simulator.

txid

Whole number decided by the RP to uniquely identify the transaction.

txpayload

The transaction quotation marks.

authcounter

Authorization counter to be used by the FIDO Client Simulator.

verify

Whether or not the client should verify the signature sent by the FIDO2 server as a response: [ true/yes | false/no ]

random-id

String associated to a specific FIDO credential registered to a specific user. This is needed to perform actions on the key, like deactivate, activate and de-register. RandomIDs can be obtained by using the G option.

crossorigin

Boolean that will determine if client data allows crossorigin or not - to be used for the FIDO Client Simulator

status

Active/Inactive. Status to set the FIDO credential or policy to.

The current defaults for PASSWORD-based authentication are as follows:

 

PASSWORD

  • svcusername = svcfidouser
  • svcpassword = Abcd1234!