A normal FIDO user performs various operations using skfsclient, such as registration, authentication, authorization, getting key information, updating key information, and deleting keys.
Open a terminal window.
Change directory where skfsclient.jar is present.
shell> cd /usr/local/strongkey/skfsclient
shell> java -jar skfsclient.jar
Output
$ example:~/skfsclient> java -jar skfsclient.jar
Copyright (c) 2001-2024 StrongAuth, Inc. All rights reserved.
Command: R (registration) | A (authentication) | G (getkeysinfo) | U (updatekeyinfo) | D (deregister)
java -jar skfsclient.jar R <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <username> <origin> <crossorigin>
java -jar skfsclient.jar A <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <username> <origin> <authcounter> <crossorigin> <saml>
java -jar skfsclient.jar DA <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <origin> <authcounter> <crossorigin> <saml> <credential id> <iterations>
java -jar skfsclient.jar AZ <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <username> <txid> <txpayload> <origin> <authcounter> <crossorigin> <verify>
java -jar skfsclient.jar G <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <username>
java -jar skfsclient.jar U <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <keyid> <displayname> <status>
java -jar skfsclient.jar D <hostport> <did> <wsprotocol> <authtype> <svcusername> <svcpassword> <keyid>
Here is a brief description of each argument used with skfsclient:
Value |
Explanation |
---|---|
did |
Unique domain identifier that belongs to SKCE |
hostport |
Host and port to access the FIDO SOAP and REST formats: http://<FQDN>:<non-ssl-portnumber> or https://<FQDN>:<ssl-portnumber> Example: https://fidodemo.strongauth.com:8181 |
wsprotocol |
Web socket protocol: [ REST | SOAP ] |
authtype |
Authentication type: [ PASSWORD ] |
svcusername |
Username used for PASSWORD-based authorization. |
svcpassword |
Password used for PASSWORD-based authorization. |
username |
Username for registration, authentication, or getkeysinfo. |
origin |
Origin to be used by the FIDO Client Simulator. |
txid |
Whole number decided by the RP to uniquely identify the transaction. |
txpayload |
The transaction quotation marks. |
authcounter |
Authorization counter to be used by the FIDO Client Simulator. |
verify |
Whether or not the client should verify the signature sent by the FIDO2 server as a response: [ true/yes | false/no ] |
random-id |
String associated to a specific FIDO credential registered to a specific user. This is needed to perform actions on the key, like deactivate, activate and de-register. RandomIDs can be obtained by using the G option. |
crossorigin |
Boolean that will determine if client data allows crossorigin or not - to be used for the FIDO Client Simulator |
status |
Active/Inactive. Status to set the FIDO credential or policy to. |
The current defaults for PASSWORD-based authentication are as follows:
PASSWORD