Help
FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
idumancic
Staff
Staff

Created on ‎09-02-2025 02:01 AM

Article Id 409182

Technical Tip: How to fix the error Invalid 'sameOriginWithAncestors' value when adding new Fido Key

Description This article describes how to fix the error Invalid 'sameOriginWithAncestors' value when adding a new Fido Key in FortiAuthenticator GUI.
Scope FortiAuthenticator v6.6 and higher.
Solution

This error can appear in FortiAuthenticator v6.6.x in combination with Chrome versions:

  • v133.0.6943.127 (Official Build) (64-bit).
  • v133.0.6943.142 (Official Build) (64-bit).

 

Adding a new Fido Key to a user from FortiAuthenticator GUI, go to User Management -> Local Users, select the user, and edit it.

Enable FIDO Authentication, select Register FIDO key, and the Add new FIDO Key window opens. Enter the key name and select OK.

 

The Next error appears: Invalid 'sameOriginWithAncestors' value

 

fido-error.JPG

 

Solution:

Check if any password manager browser extension is in use. In that case, the password manager extension is intercepting all possible authentication credentials, as the browser itself is prompting for authentication.

 

To add a new FIDO key, it is necessary to disable the extension in Chrome.  There should be a possibility in some extensions in the settings to exempt certain URLs where FIDO might be used.

 

74
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.