Admin Guide
IPI Authentication Service – Admin Guide
Last updated
IPI Authentication Service – Admin Guide
Last updated
Server:
Can be installed on a bare metal or virtual server
Linux
CentOS Linux 7
Ubuntu Server LTS 18.04
Ubuntu Server LTS 20.04
Windows Server 2012 and up
4 GB RAM
Only for passwordless PC authentication (for AD on premises accounts):
Workstation with Windows 10 or 11 and must have a TPM 2.0 module.
The workstation must be connected to an Active Directory domain.
The Active Directory domain must have a Certification Server (Certification Authority)
A special template has been set up in the certification authority. (See ).
The IES server must be available for both the IPI Client and the mobile application, i.e. the computer and the phone must be in the same network, or the IES must have a public Internet address.
Our engineers can set up a test server in the cloud for you so that you can try out its features. The production server you have to install yourself inside your local network. To do this, follow these steps:
The IPI Client application should be installed on all workstations where users will log in using IPI Keys.
Note! You can install the IPI Client version to work with internal Bluetooth or with an external IPI Dongle. If you will not use IPI Keys, it does not matter which option to choose.
You need to specify the full server address, for example, https://publicdemo.ipi.com/ or http://192.168.10.203/, or use any port you required, for instance, http://192.168.10.203:9090/.
You can use IPI Authenticator as only SSO method or you may try full functionality (which includes PC passwordless or password-based login).
There are 2 possible use scenarios:
The API Key is required so that your IES server can communicate with the IPI License Server (ILS) and obtain the licenses necessary for the IPI Keys to work. To do this, you can request a . The resulting API Key must be registered in the server settings in Step 4.
Log on to the server using the default login admin@server and the password admin. and then .
Go to Settings -> Parameters. Fill in all and save them.
You need to obtain licenses for employees so they will be able to use IPI Authenticator with their accounts. Follow the instructions in the section . You will need to wait until your order will be processed (goes to the Completed status) and then proceed to the next step - setting up IPI Clients.
You can find the latest version of IPI Client . You can find installation instructions .
Note! The Client settings must contain the path to the server that you just installed. To automate this step, follow .
For using the IPI Authenticator on the employee's workstation, it should be .
You can add or . Don't forget to for them.
(passwordless or password-based PC login)
(To setup your system environment for password-based login you only have to configure SSO on IES)