One of the ways to access a customer workstation is to simply scan the QR-code on the login screen and approve with biometrics.
- Access the login screen of the workstation that you want to access
- Open your idemeum mobile application, click
Loginat the bottom menu, scan the QR-code, and approve login with biometrics
Below are some examples of the desktop login screens with various authentication set ups:
- The login screen below is when users authenticate with default Windows credential provider, while idemeum credential provider is only used for technician login. Just click on the secondary credential provider, and you will be able to scan idemeum QR-code.
- The login screen below is when users login to workstation with idemeum cloud directory credentials. For technicians to login with QR-code, they need to click on the link
Passwordless Elevated Access.
- The login screen below is when both users and technicians use QR-code to login.
Push notification is an optional feature, and it can be enabled in the admin portal for a customer tenant. To enable the feature:
- Navigate to the admin portal of your customer tenant
- Toggle the setting for
Enable push notification
Once enabled, everywhere you see the QR-code on the desktop UI, you will have an additional option to send a push notification to a mobile device.
Once you click on
Send notification link, you will need to type technician email address associated with a mobile device, and you will receive a push notification to approve login.
Offline one-time code
Offline code allows you to access customer workstations that are not connected to the Internet. We have a dedicated post that explains how offline access works.
Technicians can also elevate in the standard user session so that a privileged action can be carried out. The same elevation methods are available - QR-code, push notification or offline.
- Standard user is logged into the workstation
- User launches an application that requires elevation
- Windows UAC is shown to prompt for authentication
- Technician chooses the idemeum credential provider
- Then technician can click
Passwordless Elevated Access
- And now the same methods (QR-code, push, or offline mode are available)