Overview
This article goes over the cause of errors when attempting to use a Yubikey to authenticate into Microsoft applications on Mac devices.
Environment
MacOS, Yubikeys, Microsoft applications
Troubleshooting/Resolution
When attempting to use a Yubikey to authenticate with Okta for Microsoft applications (Outlook, Teams, Excel, etc.) you will receive an error saying "The operation either timed or was not allowed". This is an issue between Microsoft, Okta, and the way that Mac devices handle security keys / Yubikeys.
As the issue only affects the client-side versions of the applications, the web-based versions still work as intended. The best current way to access Microsoft applications on a Mac (if your only option for authentication is a Yubikey) is to access them through a web browser by first signing into mylogin.jmu.edu and then accessing the desired application from the apps dashboard instead of the client-side application.
Ideally, the preferred method of authentication would be to enroll in Okta Verify using a Phone or iPad/tablet using the steps here. As having a phone enrolled will allow access to any version of the Microsoft suite.
Additional Information or Notes
For additional questions you can contact the JMU IT Help Desk at helpdesk@jmu.edu or 540-568-3555.