Skip to main content

Just-in-time admin accounts

Technician login methods

Technicians can access customer workstations by scanning a QR-code, triggering a push notification, or using an offline one-time code.

Overview

There are various ways to access workstations with idemeum agent installed - scan QR-code, approve push notification, or enter on-time code. These login methods apply both for computer login and on-demand elevation.


QR-code login

One of the ways to access a customer workstation is to simply scan the QR-code on the login screen and approve with biometrics.

  • Navigate to workstation where idemeum agent is installed
  • Click on the QR-code at the bottom of the screen
  • Open idemeum application, click Login at the bottom menu, scan the QR-code, and approve login with biometrics
  • When you need to elevate in the user session, UAC prompt comes up with various options to authenticate
  • Choose idemeum QR-code and click Click here to expand QR-code to make QR-code easier to scan

Push notification login

Push notification login is an optional feature and needs to be enabled in the settings.

  • Navigate to your customer tenant admin dashboard
  • Access SettingsDesktop agent
  • Enable Enable push notification for login
  • Once you enable this feature you will be able to trigger push notification to your mobile app from the workstation login screen by click on Send notification
  • Enter your email address, and idemeum agent will send a notification to your mobile app. Once you approve with biometrics, you will be able to access the workstation
  • The same applies to on-demand elevation. You can choose idemeum credential provider to authenticate, and then send a notification to your mobile app

One-time code login

Offline OTP

One-time code login was originally designed for offline mode. When a workstation is offline, you can not use QR-code or notification to login. As a result the workstation credential provider automatically switches to one-time code login mode.

  • Open your idemeum mobile application
  • Using the tenant dropdown switch to customer tenant where the workstation belongs
  • Click on ... and retrieve your username and OTP for desired workstation
  • You can now enter the one-time code the login into workstation

Online OTP

You can also use OTP for online login. This feature is optional and needs to be enabled in the settings.

  • Navigate to your customer tenant admin dashboard
  • Access SettingsPAM
  • Toggle Enable login via OTP
  • Once you enable this feature you will be able to use OTP from the credential provider login screen
  • Open your idemeum mobile application
  • Using the tenant dropdown, switch to customer tenant where the workstation belongs
  • Click on ... and retrieve your username and OTP for workstation login
  • You can now enter the one-time code the login into workstation