Authorization on the IES server via a FIDO key

IPI Enterprise Server – Authorization via FIDO key

For both types of accounts, admin or user, the following authentication options are available on the IPI Enterprise Server:

Password-based login with hardware IPI Keys as a second Factor (FIDO U2F)
Passwordless login with hardware IPI Keys (FIDO/WebAuthn)
Password-based login with hardware security keys by other vendors as a second Factor (FIDO U2F)
Passwordless login with hardware security keys by other vendors (FIDO/WebAuthn)
Login with IPI Authenticator mobile app (Biometric passwordless login / two-factor authentication) - Android / iOS platforms
Platform authentication using Windows / macOS / iOS / Android
Authentication using Passkeys

You can configure authorization on the IES server via the FIDO key. You can use both an external FIDO key and a platform security key.

You can also enable the FIDO2 attestation option for the keys and disable platform keys if needed. Attestation ensures that the device is genuine, and is from a trusted, certified manufacturer. Platform keys are the option that allows user to use their device to log in using Touch ID, Face ID, or Windows Hello. Simplify user authentication using built-in laptop, or smartphone login features, such as pin and biometric login. Here you can find guides for these features.

Step 1. Adding a key

In the upper right corner of the window, click the profile icon and select the Profile from the drop-down list:

Go to the Security Keys section and click the Add FIDO2 Authenticator button:

Then choose the type of the key and click "Next".

Follow the instructions of your FIDO key. If you are using HK, then refer to this guide. If you are using platform security key - to this.

You can add multiple keys.

Step 2. Authorization via the FIDO key

If you registered your Key without "Use Usernameless" option, follow next instruction.

Enter your e-mail.

Select the Sign in with a security key login option.

Follow the instructions on the screen. Screens for HK use are shown.

After entering the PIN-code, polling your key and pressing the button while the green LED is flashing, you will be authorized on the IES server.

If you registered your Key with "Use Usernameless" option, follow next instruction.

Select the Sign in with a security key login option.

Follow the instructions on the screen. Screens for HK use are shown.

After entering the PIN-code, polling your key and pressing the button while the green LED is flashing, you will be authorized on the IES server.

Step 3. Key's management

You can change the names for the keys or delete them using the corresponding buttons.

PreviousHow to enable two-factor authentication at the IPI Enterprise Server?NextPlatform authentication on the IES server

Last updated 1 year ago

Step 1. Adding a key

Step 2. Authorization via the FIDO key

Passwordless login

Usernameless login

Step 3. Key's management

Step 1. Adding a key

Step 2. Authorization via the FIDO key

Passwordless login

Usernameless login

Step 3. Key's management