The Blog

New version of EntraFIDOFinder is out now

May 5, 2025 by ClaytonT Leave a Comment

Now with over 15 new keys! It was a little slow last month, but this month they made up with adding 6 new Vendors too. For the module, most of the enhancements were on the backend, where I created a function to reorganize any keys that weren’t following the standard configuration. This happens when a new key is added, I haven’t figured a way yet to automatically pull the FIDO Alliance data so that it shows correctly. Also I added a Pester test to make sure the key JSON file is in the correct format and using the correct values.

Microsoft changed on the backend how they showed their “Yes” or “No” on the back end, so I had to adjust my code to look for check mark or an x, as well as changed the JSON validation for that as well. If you use JSON, and haven’t used schemas, I highly recommend you doing it as it will make catching or avoiding issues much easier and quicker.

Here are the database changes:

New Vendors:

Deepnet
GoldKey
SafeKey
SHALO
T-Shiled
VeridiumID

New Keys:

AAGUID	Vendor	Description
c89e6a38-6c00-5426-5aa5-c9cbf48f0382	ACS	FIDO Authenticator NF
b9f6b7b6-f929-4189-bca9-dd951240c132	Deepnet	SafeKey/Classic (USB)
b12eac35-586c-4809-a4b1-d81af6c305cf	Deepnet	SafeKey/Classic (NFC)
e41b42a3-60ac-4afb-8757-a98f2d7f6c9f	Deepnet	SafeKey/Classic (FP)
78ba3993-d784-4f44-8d6e-cc0a8ad5230e	Feitian	ePass FIDO-NFC(CTAP2.1, CTAP2.0, U2F)
39589099-9a75-49fc-afaa-801ca211c62a	Feitian	ePass FIDO-NFC (Enterprise Profile) (CTAP2.1, CTAP2.0, U2F)
0db01cd6-5618-455b-bb46-1ec203d3213e	GoldKey	Security Token
c4ddaf11-3032-4e77-b3b9-3a340369b9ad	HID	Crescendo Fusion
57235694-51a5-4a4d-a81a-f42185df6502	SHALO	SHALO AUTH
7787a482-13e8-4784-8a06-c7ed49a7aaf4	Swissbit	iShield Key 2
e400ef8c-711d-4692-af46-7f2cf7da23ad	Swissbit	iShield Key 2 Enterprise
5eaff75a-dd43-451f-af9f-87c9eeae293e	Swissbit	iShield Key 2 FIPS Enterprise
817cdab8-0d51-4de1-a821-e25b88519cf3	Swissbit	iShield Key 2 FIPS
882adaf5-3aa9-4708-8e7d-3957103775b4	T-Shield	TrustSec FIDO2 Bio and client PIN version
8d4378b0-725d-4432-b3c2-01fcdaf46286	VeridiumID	Passkey Android SDK
1e906e14-77af-46bc-ae9f-fe6ef18257e4	VeridiumID	Passkey iOS SDK

Hope you enjoyed this update and have a great day! Don’t forget to star the repo and if you have an enhancement or issue, please create a GitHub Issue or discussion.

Are there any features you wish EntraFIDOFinder had? Would you like a function to just download or view the key database without updating the module?

GitHub: https://github.com/DevClate/EntraFIDOFinder
PowerShell Gallery: https://www.powershellgallery.com/packages/EntraFIDOFinder/0.0.17
Web Version: https://devclate.github.io/EntraFIDOFinder/Explorer/

EntraFIDOFinder now with over 50 new keys!

March 17, 2025 by ClaytonT Leave a Comment

I guess I should be careful what I ask for now.. Not sure if you saw, but when Microsoft first made this update it blew up my repo with over 100 issues due to all the changes and I assumed Microsoft had changed how they formatted their website, but they hadn’t. It was just from the new keys, vendors, and changes to current keys.

All of their basic info has been updated on the web and PowerShell module, but I haven’t put all the meta data in from the FIDO Alliance, as I’m looking for a way to fully automate it when new keys are added.

Now to the part you really care about

New Vendors:

Android
Dapple Security
Eviden
Foongton
GSTAG
ID-One
IIST
Infineon Technologies AG
KeyVault
Ledger
Nitrokey
OneKey
Samsung
Securité Carte à Puce
TruU
Veridium
VeroCard
Vivokey
WinMagic
ZTPass

New Keys:

AAGUID	Vendor	Description
`eb3b131e-59dc-536a-d176-cb7306da10f5`	ellipticSecure	ellipticSecure MIRkey USB Authenticator
`8da0e4dc-164b-454e-972e-88f362b23d59`	Eviden	CardOS FIDO2 Token
`46544d5d-8f5d-4db4-89ac-ea8977073fff`	Foongton	Foongtone FIDO Authenticator
`773c30d9-5919-4e96-a4f5-db65e95cf890`	GSTAG	GSTAG OAK FIDO2 Authenticator
`7991798a-a7f3-487f-98c0-3faf7a458a04`	HID Global	HID Crescendo Key V3
`2a55aee6-27cb-42c0-bc6e-04efe999e88a`	HID Global	HID Crescendo 4000
`82b0a720-127a-4788-b56d-d1d4b2d82eac`	ID-One	ID-One Key
`f2145e86-211e-4931-b874-e22bba7d01cc`	ID-One	ID-One Key
`4b89f401-464e-4745-a520-486ddfc5d80e`	IIST	IIST FIDO2 Authenticator
`cfcb13a2-244f-4b36-9077-82b79d6a7de7`	Infineon Technologies AG	USB/NFC Passcode Authenticator
`58b44d0b-0a7c-f33a-fd48-f7153c871352`	Ledger	Ledger Nano S Plus FIDO2 Authenticator
`fcb1bcb4-f370-078c-6993-bc24d0ae3fbe`	Ledger	Ledger Nano X FIDO2 Authenticator
`341e4da9-3c2e-8103-5a9f-aad887135200`	Ledger	Ledger Nano S FIDO2 Authenticator
`2cd2f727-f6ca-44da-8f48-5c2e5da000a2`	Nitrokey	Nitrokey 3 AM
`70e7c36f-f2f6-9e0d-07a6-bcc243262e6b`	OneKey	OneKey FIDO2 Bluetooth Authenticator
`53414d53-554e-4700-0000-000000000000`	Samsung	Samsung Pass
`5343502d-5343-5343-6172-644649444f32`	Securité Carte à Puce	ESS Smart Card Inc. Authenticator
`050dd0bc-ff20-4265-8d5d-305c4b215192`	Thales	eToken Fusion FIPS
`10c70715-2a9a-4de1-b0aa-3cff6d496d39`	Thales	eToken Fusion NFC FIPS
`c3f47802-de73-4dfc-ba22-671fe3304f90`	Thales	eToken Fusion NFC PIV Enterprise
`146e77ef-11eb-4423-b847-ce77864e9411`	Thales	eToken Fusion NFC PIV
`ba86dc56-635f-4141-aef6-00227b1b9af6`	TruU	TruU Windows Authenticator
`95e4d58c-056e-4a65-866d-f5a69659e880`	TruU	TruU Windows Authenticator
`5ea308b2-7ac7-48b9-ac09-7e2da9015f8c`	Veridium	Veridium Android SDK
`6e8d1eae-8d40-4c25-bcf8-4633959afc71`	Veridium	Veridium iOS SDK
`99ed6c29-4573-4847-816d-78ad8f1c75ef`	VeroCard	VeroCard FIDO2 Authenticator
`d7a423ad-3e19-4492-9200-78137dccc136`	VivoKey	VivoKey Apex FIDO2
`31c3f7ff-bf15-4327-83ec-9336abcbcd34`	Winmagic	WinMagic FIDO Eazy – Software
`970c8d9c-19d2-46af-aa32-3f448db49e35`	WinMagic	WinMagic FIDO Eazy – TPM
`f56f58b3-d711-4afc-ba7d-6ac05f88cb19`	WinMagic	WinMagic FIDO Eazy – Phone
`b7d3f68e-88a6-471e-9ecf-2df26d041ede`	Yubico	Security Key NFC by Yubico
`9ff4cc65-6154-4fff-ba09-9e2af7882ad2`	Yubico	Security Key NFC by Yubico – Enterprise Edition (Enterprise Profile)
`34f5766d-1536-4a24-9033-0e294e510fb0`	Yubico	YubiKey 5 Series with NFC Preview
`6ec5cff2-a0f9-4169-945b-f33b563f7b99`	Yubico	YubiKey Bio Series – Multi-protocol Edition (Enterprise Profile)
`8c39ee86-7f9a-4a95-9ba3-f6b097e5c2ee`	Yubico	YubiKey Bio Series – FIDO Edition (Enterprise Profile)
`24673149-6c86-42e7-98d9-433fb5b73296`	Yubico	YubiKey 5 Series with Lightning
`3a662962-c6d4-4023-bebb-98ae92e78e20`	Yubico	YubiKey 5 FIPS Series with Lightning (Enterprise Profile)
`20ac7a17-c814-4833-93fe-539f0d5e3389`	Yubico	YubiKey 5 Series (Enterprise Profile)
`b90e7dc1-316e-4fee-a25a-56a666a670fe`	Yubico	YubiKey 5 Series with Lightning (Enterprise Profile)
`760eda36-00aa-4d29-855b-4012a182cdeb`	Yubico	Security Key NFC by Yubico Preview
`fcc0118f-cd45-435b-8da1-9782b2da0715`	Yubico	YubiKey 5 FIPS Series with NFC
`ff4dac45-ede8-4ec2-aced-cf66103f4335`	Yubico	YubiKey 5 Series
`7b96457d-e3cd-432b-9ceb-c9fdd7ef7432`	Yubico	YubiKey 5 FIPS Series with Lightning
`97e6a830-c952-4740-95fc-7c78dc97ce47`	Yubico	YubiKey Bio Series – Multi-protocol Edition (Enterprise Profile)
`6ab56fad-881f-4a43-acb2-0be065924522`	Yubico	YubiKey 5 Series with NFC (Enterprise Profile)
`d2fbd093-ee62-488d-9dad-1e36389f8826`	Yubico	YubiKey 5 FIPS Series (RC Preview)
`4599062e-6926-4fe7-9566-9e8fb1aedaa0`	Yubico	YubiKey 5 Series (Enterprise Profile)
`d7781e5d-e353-46aa-afe2-3ca49f13332a`	Yubico	YubiKey 5 Series with NFC
`62e54e98-c209-4df3-b692-de71bb6a8528`	Yubico	YubiKey 5 FIPS Series with NFC Preview
`34744913-4f57-4e6e-a527-e9ec3c4b94e6`	Yubico	YubiKey Bio Series – Multi-protocol Edition
`ed042a3a-4b22-4455-bb69-a267b652ae7e`	Yubico	Security Key NFC by Yubico – Enterprise Edition
`3b24bf49-1d45-4484-a917-13175df0867b`	Yubico	YubiKey 5 Series with Lightning (Enterprise Profile)
`3124e301-f14e-4e38-876d-fbeeb090e7bf`	Yubico	YubiKey 5 Series with Lightning Preview
`9e66c661-e428-452a-a8fb-51f7ed088acf`	Yubico	YubiKey 5 FIPS Series with Lightning (RC Preview)
`ce6bf97f-9f69-4ba7-9032-97adc6ca5cf1`	Yubico	YubiKey 5 FIPS Series with NFC (RC Preview)
`2772ce93-eb4b-4090-8b73-330f48477d73`	Yubico	Security Key NFC by Yubico – Enterprise Edition Preview
`ad08c78a-4e41-49b9-86a2-ac15b06899e2`	Yubico	YubiKey Bio Series – FIDO Edition
`905b4cb4-ed6f-4da9-92fc-45e0d4e9b5c7`	Yubico	YubiKey 5 FIPS Series (Enterprise Profile)
`b415094c-49d3-4c8b-b3fe-7d0ad28a6bc4`	ZTPass	ZTPass SmartAuth

Updated Keys
- Updated ‘NFC’ for AAGUID ’30b5035e-d297-4ff1-b00b-addc96ba6a98′ from ‘Yes’ to ‘No’.
- Updated ‘Description’ for AAGUID ’83c47309-aabb-4108-8470-8be838b573cb’ from ‘YubiKey Bio Series (Enterprise Profile)’ to ‘YubiKey Bio Series – FIDO Edition (Enterprise Profile)’.
- Updated ‘Description’ for AAGUID ‘5ca1ab1e-1337-fa57-f1d0-a117e71ca702’ from ‘Allthenticator App: roaming BLE FIDO2 Allthenticator for Windows, Mac, Linux, and Allthenticate door readers’ to ‘Allthenticator iOS App: roaming BLE FIDO2 Allthenticator for Windows, Mac, Linux, and Allthenticate door readers’.
- Updated ‘Description’ for AAGUID ‘d8522d9f-575b-4866-88a9-ba99fa02f35b’ from ‘YubiKey Bio Series’ to ‘YubiKey Bio Series – FIDO Edition’.
- Updated ‘Description’ for AAGUID ‘dd86a2da-86a0-4cbe-b462-4bd31f57bc6f’ from ‘YubiKey Bio FIDO Edition’ to ‘YubiKey Bio Series – FIDO Edition’.

I know, it was a lot for me too! Which FIDO2 keys do you like the best? Feel free to message me if you rather not put it in the comments, but would love to hear your experiences.

PowerShell Gallery: https://www.powershellgallery.com/packages/EntraFIDOFinder/0.0.16
GitHub: https://github.com/DevClate/EntraFIDOFinder
Web Version: https://devclate.github.io/EntraFIDOFinder/Explorer/

Hope you enjoyed and have a great day!

EntraFIDOFinder March Update

March 3, 2025 by ClaytonT Leave a Comment

We are in March, and looks like no new major changes. I may have to start sending this update out later in the week, as I’m wondering if Microsoft hasn’t updated their page yet.

Some things I did notice were that a few of the YubiKey names slightly changed on the FIDO Alliance database, but haven’t changed on Microsoft side, so I need to wait before I change them on mine so I don’t keep getting errors if it doesn’t match up with Microsoft.

Although, these won’t show up on Microsoft’s website, 3 Yubico keys have received L2 certification now.

dd86a2da-86a0-4cbe-b462-4bd31f57bc6f – YubiKey Bio FIDO Edition
58276709-bb4b-4bb3-baf1-60eea99282a7 – YubiKey Bio Series – Multi-protocol Edition 1VDJSN
90636e1f-ef82-43bf-bdcf-5255f139d12f – YubiKey Bio Series – Multi-protocol Edition

I’ll keep an eye out and see if Microsoft updates their naming for the few and see if any other features change, but for now, that is all. No new PowerShell module version until Microsoft puts out an update or features are added, but did add the L2 certifications to the web version.

PowerShell Gallery: https://www.powershellgallery.com/packages/EntraFIDOFinder/0.0.15
GitHub: https://github.com/DevClate/EntraFIDOFinder
Web Version: https://devclate.github.io/EntraFIDOFinder/Explorer/

Have a great day!

02-14-2025 MSOnline and AzureAD PowerShell modules.. One last Valentine’s day card each

February 14, 2025 by ClaytonT Leave a Comment

If you haven’t seen the news already, MSOnline and AzureAD PowerShell modules will be no longer supported after March 30, 2025. So looks like this will be our last year to give them a Valentine’s day card for all the times they’ve been there for us! Now, what do we need to know:

Module	End of support	Temporary outage tests	Retirement
MSOnline	March 30, 2025	Between January 20, 2025 and March 30, 2025	Early Apr 2025 to late May 2025
AzureAD	March 30, 2025	N/A	After July 1, 2025

If you haven’t already upgraded your scripts/modules that use these, the time is definitely now. Are there any scripts you can’t migrate over? If so, put it in the comments, social media, and reach out to Microsoft as well, and let’s figure it out!

Source: Microsoft Tech Community

Custom Maester Tests: Validate Full Addresses Now and Cleaned Up Wording

February 7, 2025 by ClaytonT Leave a Comment

Added 3 new tests which I think the first two will be game changers. The first 2 are tests for validating locations, in which the user must have street, city, state, postal code, country, business phone, and company name the same as the valid location in the json. If you have 3 different addreses that your company uses, you can put each in there, and they are seen as 3 different addresses so it will only pass the location test if they have all the correct values for 1 location. The 2nd test is the same as the first, but I removed business phone in case your company doesn’t have standard for it for all employees. The last test is formatting for user email accounts that should be formatted as all lower case and its first name period last name. Also I cleaned up some of the wording in all the different tests to keep them as similar as possible. Feel free to change in your tests though!

ENTRA.UV.1010.L01 – All location information

Test-ContosoUsersAllowedLocations.ps1
Test-ContosoUsersAllowedLocations.Tests.ps1
Test-ContosoUsersAllowedLocations.md

ENTRA.UV.1010.L02 – All location information minus business phone

Test-ContosoUsersAllowedLocationsNoBusinessPhones.ps1
Test-ContosoUsersAllowedLocationsNoBusinessPhones.Tests.ps1
Test-ContosoUsersAllowedLocationsNoBusinessPhones.md

ENTRA.UF.1003.T03.Email – All lower case first name period last name

Test-ContosoUsersFormattingFirstLastLowerCase.ps1
Test-ContosoUsersFormattingFirstLastLowerCase.Tests.ps1
Test-ContosoUsersFormattingFirstLastLowerCase.md

Are there any other tests you’d like to see sooner than later?

GitHub: https://github.com/DevClate/Custom-Maester-Tests
Website: https://devclate.github.io/Custom-Maester-Tests/
Maester: https://maester.dev

Have a great day!

Now you can use your own company standards with Maester custom tests

February 3, 2025 by ClaytonT Leave a Comment

I thought checking to see if they were filled in or even formatted correctly wasn’t enough.. now you can config the validation.json file in the Validating folder with your company standards to make only those values pass. Here are the fields so far, and will be adding more!

ENTRA.UV.1001 – Company Name
ENTRA.UV.1002 – Street Address
ENTRA.UV.1003 – City
ENTRA.UV.1004 – State
ENTRA.UV.1005 – Postal Code
ENTRA.UV.1006 – Country
ENTRA.UV.1007 – Business Phone Number
ENTRA.UV.1008 – Job Title
ENTRA.UV.1009 – Department

Hope you like this new update and let me know if you run into any issues or want to see any other updates. Please don’t forget to star the repo and share to get the word out so more people can add theirs.

Have a great day!

GitHub: Custom Maester Tests
Website: Custom Maester Tests
Website: Offical Maester Website