YubiKey C Client Library: libykclient

This project is deprecated and is no longer being maintained. For more information and guidance on how to implement Yubico OTP support in applications, see https://status.yubico.com/2021/04/15/one-api-yubico-com-one-http-get/.

YubiKey C Client Library (libykclient) is a C library used to validate an Yubikey OTP against Yubico’s servers. See the Yubico website for more information about Yubico and the YubiKey.


After downloading and unpacking the package tarball, you build it as follows.

make check
sudo make install

Building from version controlled sources

Warning! This is only for developers and if you don’t understand what you are doing, you should download the release files instead.

You may check out the sources using Git with the following command:

git clone https://github.com/Yubico/yubico-c-client.git

This will create a directory yubico-c-client. Enter the directory:

cd yubico-c-client

Recent versions of autoconf, automake and libtool must be installed. Help2man is used to generate the manpages. Libcurl development files (headers and *.so) must also be installed.

Generate the build system using:

autoreconf --install

Then refer to the user sections above regarding building.

Command-line tools

The ykclient command line tool is for testing/debugging purposes only. Secret data, such as the client secret, should generally not be passed as a command line argument in production. Doing so may expose the value to other parts of the system.

There is one command line tool, ykclient, to validate a particular OTP. It needs a client id, which you can generate here.

Example usage:

jas@mocca:~/src/yubico-c-client$ ./ykclient
Usage: ./ykclient <client_id> <yubikey_otp>
 CLIENT_ID: your client id integer
 YUBIKEY_OTP: One-time password generated by yubikey
jas@mocca:~/src/yubico-c-client$ ./ykclient --debug 16 ccccccbchvthlivuitriujjifivbvtrjkjfirllluurj
  client id: 16
  token: ccccccbchvthlivuitriujjifivbvtrjkjfirllluurj
Verification output (2): Yubikey OTP was replayed (REPLAYED_OTP)


The project is licensed under a BSD license. See the file COPYING for exact wording. For any copyright year range specified as YYYY-ZZZZ in this package note that the range specifies every single year in that closed interval.