Skip to main content

RFID Single Sign-On

RFID SSO - Web application autofill

When users login into workstations with RFID badges, idemeum will capture credentials and can auto-fill credentials into web applications.

Overview

With idemeum you can leverage RFID badge to access workstations, web, and native applications without passwords. When users first enroll their badges into RFID SSO, idemeum desktop agent will capture users' credentials. Subsequently, when users tap the badge to login to workstation, credentials are passed to operating system for authentication. What is more, when users launch web / native application that is set up for autofill, idemeum will automatically fill the credentials, offering true passwordless single sign-on with RIFD badges.

Configure web application autofill

Enable desktop autofill

Desktop agent needs to have autofill service enabled.

  1. For existing desktop that was installed, login to the workstation as admin, open idemeum desktop client, click Advanced settings and make sure the Autofill app is enabled.
  1. When you are installing the desktop agent with PowerShell command you can pass the additional parameter to enable autofill at installation time - -autofillEnabled and the values are true or false. Example of the command below. 
Set-ExecutionPolicy RemoteSigned -Scope Process -Force; [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; cd (Get-Item -Path $env:TEMP).FullName; Invoke-WebRequest -Uri "https://asset.idemeum.com/desktoplogin/idemeumDesktopAppInstall.ps1" -OutFile "idemeumDesktopAppInstall.ps1"; .\idemeumDesktopAppInstall.ps1 -tenantFQDN 'uat.idemeum.com' -clientId 'DESKTOP_INSTALLER-desktop_installer_589-y0H-0sAR' -clientSecret '*jzk*4Jf8Vl8Jwx$NIvOMvVQo*MiyZAbYQ-U~$ri5GZ_uH@Y' -masterKey 'f413lac0-1400-4649-aa6e-dc677a2a8f45::InxKG45nFSxOb/35OCsRAOb4ApkoVoezjr/KNSG269Y=' -elevationMode 'offline' -autofillEnabled 'true'

Configure application

In this step we will configure the application for which idemeum will autofill credentials.

  • Login to your idemeum tenant admin portal
  • Navigate to Applications and choose Add app
  • Choose Managed password application
  • Configure application settings
    • Give application a name
    • For application type choose Web application
    • For credentials choose Domain credentials to autofill individual domain credentials that users enroll with
    • Provide the URL where the application hosts the login screen, for example for Microsoft 365 it is login.microsoftonline.com
  • Save the configuration

Create entitlement rule

In this section we will create a rule to define what users will be able to use autofill. For simplicity, we will give All users who login with badge the permission to use autofill.

  • Navigate to Entitlements on the left menu
  • Click Add rule
  • Choose Group for IF condition and select All users
  • For giving access to application choose the application that you created in the previous step
  • Save the configuration

Test autofill

Now users can enjoy seamless RFID SSO for workstations and web applications.

  1. Tap the badge to login to workstation
  2. Open the browser and navigate to web application that was set up for autofill
  3. Choose the credentials from the drop down to fill in for the application
💡
If you want us to autosubmit the credentials, reach out to our team at support@idemeum.com, and we will enable that feature for you.