Skip to content

Maintenance on upgrade.yubico.com

2022-01-05

On Tuesday, January 11th, 2022 we will perform maintenance on upgrade.yubico.com.

The service will be unavailable between 08:00 and 10:00 UTC.

YubiCloud service restored

2021-12-15

As of December 15 2021 at 17:00 UTC, YubiCloud service has returned to normal. Due to issues with our Cloud platform provider, requests to our US-West region intermittently failed for about 45 minutes between 15:15 – 16:00 UTC. No other regions were affected.

YubiCloud interrupted service

2021-12-15

Yubico is aware of disruptions to our YubiCloud service. AWS is experiencing a service outage which is impacting YubiCloud. Requests routed to YubiCloud’s US-West region are impacted in the form of intermittent failures. We apologize for any inconvenience caused by the disruption to the YubiCloud service and are closely monitoring for AWS recovery. Updates will be provided here as more information becomes available.

YubiCloud service restored

2021-12-08

As of December 08 2021 at 04:15 UTC, YubiCloud service has returned to normal.

YubiCloud interrupted service

2021-12-07

Yubico is aware of disruptions to our YubiCloud service.  AWS is experiencing a service outage which is impacting YubiCloud.  The majority of the impact is to those requests routed to YubiCloud’s US-East region. We apologize for any inconvenience caused by the disruption to the YubiCloud service and are closely monitoring for AWS recovery.  Updates will be provided here as more information becomes available.

Maintenance on upload.yubico.com

2021-05-18

On Thursday, May 20th, 2021 we will perform maintenance on upload.yubico.com.

The service will be unavailable between 08:00 and 13:00 UTC.

One api.yubico.com; One HTTP GET

2021-04-15

A year ago, we moved all YubiOTP validation API servers behind one common api.yubico.com endpoint, introducing a modernized, cloud-based, YubiOTP validation service to improve reliability and scalability. As a result, customers no longer need to call multiple endpoints; instead, we recommend  implementing Yubico OTP support in applications using an HTTP GET request to api.yubico.com.

In order to direct YubiCloud clients to the closest location, domain names pointing to the new service are geolocated to the closest endpoint to the requestor. If you have not done so already, we recommend configuring your clients to point to our servers via the api.yubico.com domain name.

Refer to this status post from 2019 to ensure you have updated your configurations: https://status.yubico.com/2019/11/21/2019-11-21-yubicloud-service-upgrade/

The Yubico legacy client libraries in PHP, C, .NET, Perl, and Java on Github will be archived; they will not be updated to call the new endpoint. Their main benefit was to abstract the calling of multiple YubiCloud endpoints from client applications. This is no longer necessary and actually makes resulting client applications use the backwards-compatible legacy interface for YubiCloud, which is a sub-optimal solution for our customers.
By implementing the one HTTP GET call directly in client applications, customers no longer need to take a dependency on a 3rd party library in their solutions.

How to generate and verify signatures and how to construct an HTTP GET call to verify OTPs and what responses you need to handle is outlined in the Yubico OTP Validation Protocol Version 2.0 that can be found on https://developers.yubico.com/OTP/Specifications/OTP_validation_protocol.html  
For more recent (and older) status.yubico.com updates, please scroll through https://status.yubico.com/

api.yubico.com unscheduled downtime

2020-12-22

On Wednesday, November 25, 2020, starting at about 15:00 UTC Yubico became aware of an issue servicing api.yubico.com requests which were routed to YubiCloud’s US-East data center.  At peak, about 2.5% of requests were receiving error responses.  By 17:00 UTC, error rates had fallen to < 0.5% with complete resolution by 19:00 UTC.  Only requests sent to the US-East data center were affected; all other data centers were operating normally.  A retry of a failed request should have been successful.


The underlying cause was a prolonged outage of services in AWS’s US-East1 region.  AWS is YubiCloud’s Cloud Platform provider.  More information on the AWS outage can be found here.  


We apologize for any inconvenience the disruption of YubiCloud’s service may have caused.  Steps are being taken to mitigate the effects of such outages upon our customers in the future.

Postponement of decommissioning

2020-03-20

Yubico has introduced a new global endpoint supporting our YubiOTP service based on the AWS platform. Most of our customers have already migrated to the new service. As a result of having some customers still using the legacy endpoints, we have decided to move the decommissioning date of the old service from March 23 to April 14, 2020.

For more details of the change, see https://status.yubico.com/2020/02/25/decommissioning-old-yubiotp-api-validation-servers/.

Decommissioning old YubiOTP API validation servers

2020-02-25

On March 23, 2020 Yubico will be decommissioning the old YubiOTP API validation servers. This is the final step of an ongoing initiative to improve reliability and scalability of the YubiOTP validation service.  If you are hardcoding the IP address of any of the API servers, then you will see responses indicating that they have been decommissioned.

These responses will look like:

status=DECOMMISSIONED
message=See https://status.yubico.com/

To ensure that you are not adversely impacted, please follow the instructions at https://status.yubico.com/2019/11/21/2019-11-21-yubicloud-service-upgrade/.