Skip to main content

RFID Single Sign-On

Overview

Overview

RFID Single Sign-On is a cloud-based solution that allows your users to replace passwords with RFID badges. Simply tap the badge, enroll with your passwords, and then access any shared workstation with a simple badge tap. Today idemeum supports RFID SSO for Windows computers, as well as web and native Windows applications.

Get started quickly?

Check our quick-start guides to set up idemeum RFID Single Sign-On.

Quick-start guides
Follow product guides that we created to test idemeum platform use cases.
idemeum docsNik Pot

Supported operating systems

Today we support the following operating systems:

  • Windows 10
  • Windows 11
  • Windows IoT Enterprise

Supported use cases

Here are the use cases that we support today:

Solution components

Idemeum RFID Single Sign-On is a cloud-based product. There are no appliances to install and manage on-premises. The solutions consists of hardware and software:

  • Software
    • Idemeum cloud - idemeum cloud will serve as a management plane for RFID access, where you can manage users, workstations, as well as entitlements to define who has access to what.
    • Desktop agent - idemeum application will need to be installed on every workstation. Once installed and paired with idemeum cloud tenant, idemeum application will register as credential provider on Windows and will start processing all login requests with RFID card. You can perform a manual installation for a quick deployment, or you can push the application with silent installer.
  • Hardware
    • Hardware RFID readers - idemeum does not provide hardware, and we integrate with RF Ideas readers. You can choose any reader model based on your requirements and card types.

Sample login flow

Here is the generic user login flow that is performed when the RFID badge is scanned on a domain-joined workstation.

  1. User taps the RFID badge on the badge reader that is connected to a Windows computer over USB port. Idemeum desktop application is integrated with the reader, it detects badge tap event and is able to extract that badge number.
  2. Idemeum desktop application communicates with the idemeum tenant that it is registered with, submits the badge number for user look up, and conducts the entitlement check to see if the user has permission to access workstation.
  3. Idemeum cloud connects to user source to validate the badge number and look up user corporate email address that will be used to login into a domain environment (can be local directory or external user source).
  4. Once the user email is found, it is passed back to Idemeum desktop application that in turn will log the user into a domain-joined workstation.