Support for Selecting Alternative Authentication Methods (e.g., YubiKey) during Entra ID Login on IGEL OS 12#366

Summary

The current Entra ID loginimplementation supports authentication using Email + Password or Email + Microsoft Authenticator App, both of which work reliably.

However, the login screen does not provide a button or option to select an alternative authentication method. This feature is essential for our environment, as we rely on YubiKey-based authentication (model: YubiKey 5 NFC) for secure access.

Problem Description

Although YubiKey works correctly after logging into IGEL OS 12 (e.g., within a Citrix session when signing into office.com), the initial Entra ID login lacks the “Choose another sign-in method” option that is normally available in Microsoft’s standard login flows.

Example:
Within a Citrix session, the Microsoft login page correctly shows the option to choose other authentication methods, including YubiKey. However, this option is missing on the IGEL OS 12 native Entra ID login screen.

Requested Enhancement

• Add a “Choose another sign-in method” button to the Entra ID login interface in IGEL OS 12.
• Ensure full integration with Microsoft’s standard authentication options, particularly:
  • FIDO2 / YubiKey
  • Security keys
  • Additional MFA methods supported by Microsoft Entra ID

Benefits

• Allows organizations using hardware-based MFA (e.g., YubiKey 5 NFC) to fully adopt Entra ID login on IGEL OS 12.
• Aligns IGEL’s login experience with Microsoft’s official authentication flow.
• Enhances security and compliance in environments that require phishing-resistant MFA.
• Reduces user friction by offering all expected authentication methods at the OS login stage.

Additional Notes

Once logged into IGEL OS 12, YubiKey authentication functions correctly within sessions (e.g., Citrix + office.com). The requested enhancement affects only the initial login screen of IGEL OS.