U2F API deprecation message within Chrome 96+ during registration or use of a Security Key
Last updated 2022-05-30 ·Reference W-10249222 ·Reported By 214 users
Summary
As a user attempting to use or register a U2F key on Chrome 96+, you may receive a pop-up indicating the following with an option to 'Allow' or 'Deny':
"xxxx.my.salesforce.com wants to use your security key. This site won't be able to use the U2F API after February 2022. If you own this site, you should change it to use the Web Authentication API."
Please note that this prompt is generated by Chrome, not Salesforce, and is due to an upcoming deprecation of Chrome's support for the legacy U2F API. You can read more about this at the Chrome blog below.
https://developer.chrome.com/blog/deps-rems-95/#deprecate-u2f-api-cryptotoken
Please know that Salesforce is aware of the planned deprecation of U2F security keys in Google Chrome in February 2022.
We are taking necessary actions to ensure that customers can continue using U2F keys with products built on Salesforce Platform. More details will become available within our MFA FAQ (link below) once we've fixed.
https://help.salesforce.com/s/articleView?id=000352937&type=1
Repro
- Ensure you are on the latest version of Chrome (v96+)
- Attempt to use or register a U2F key within Salesforce
- Note you will see a pop-up with the 'Allow' or 'Deny' prompt with the above indicated error message
Workaround
1. Select 'Allow' when you are prompted during the use or registration of your U2F key within Chrome
Note: We are seeing reports of users not being able to successfully register the device even after hitting "Allow". If you are still affected, please know we unfortunately do have any other workaround and you must wait for a fix to be released from our end by monitoring this known issue.
January 12th, 2022:
Salesforce is aware of the planned deprecation of certain U2F API in Google Chrome and Microsoft Edge in February 2022. Starting with Chrome 96 and Microsoft Edge 96, a browser warning informed users about the impending deprecation when using a U2F key.
We are taking necessary actions to ensure that customers can continue using U2F keys with products built on the Salesforce Platform. Our U2F implementation will be updated to fully meet latest browser requirements in Summer ’22 release. A partial solution that allows use of the current U2F API for an extended time period and eliminates the browser warning has been released in a Winter ’22 patch.
Organization that use domains other than salesforce.com and force.com (for example, Experience Cloud sites such as community.yourcompany.com) will not be able to use U2F keys until a complete solution is available in Summer ‘22.
Reported By (214)





















































Is it Fixed?
Any unreleased services, features, statuses, or dates referenced in this or other public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make their purchase decisions based upon features that are currently available.