Find answers and help with IDEE's products and services.
Yes, AuthN allows the user to authenticate both to a website or an app.
Yes.
With Web-AuthN, multiple accounts can be setup on a single device.
Yes.
Once the user is deleted on your IAM system, the user can no longer access any of your systems. Our clients can automatically delete that account on IDEE by leveraging SCIM.
The AuthN app has a list of all the authenticators. In addition, the self-service portal also has a list of all the authenticators.
No Problem. We offer secure recovery mechanisms to restore access on a new device and let the user immediately delete lost devices.
We support any unlock option supported by the device. For example, we support fingerprint, facial recognition, pattern, and PIN for Windows PCs, Android, and iOS. For Mac we support TouchID.
No problem. We offer offline login if the user wants to use her phone and WebAuthN if she wants to login phone-free.
It only takes about 15 minutes.
Yes. Adminstrators can setup users to use our AuthN product for free for 30 days. You can sign-up here: authn.getidee.de.
YES. IDEE conducts external IT security testing/reviews in addition to our routine internal security testing and audits. Cobalt, a security company based in Berlin and San Francisco, conducted a security testing/audit of our services in April 2019. BishopFox, a security company based in San Francisco, conducted a security testing/audit of our services in January 2017. We are also ISO 27001 certified.
Yes. We put an end to all phishing and password-based attacks.
Yes. We prevent malicious and negligent privilege insider attacks.
Yes. Instead of using QR-Code Login, which requires the use of a camera, you can make use of Push Login or WebAuthN Login.
Switch to another app and go back to Safari and you will get an error, "Something went wrong. Please try again." Now click on login and unlock your phone to authenticate to the website. This is a known bug on iPadOS and it has been reported to Apple.
Click outside of the pop-up and you will get an error, "Something went wrong. Please try again." Now click on login and unlock your phone to authenticate to the website. This is a known bug on iOS and it has been reported to Apple.
In order to use Web-AuthN on Safari on a Mac, the user must enable TouchID. Please enable TouchID on your Mac and try again.
Click on the cancel button and this will take you to the next window where you need to unlock your PC to authenticate to your website.
IDEE provides a SaaS solution. On-premise deployments are technically possible, and are included in our Enterprise plans.
Yes. We support browser-only use cases on the PC, Mac, and mobile.
No problem. We offer offline login.
Your choice. Biometric, PIN, pattern. Anything that Windows, Mac, iPadOS, iOS, and Android support.
We only ask for your email in certain use cases. We never store your email in plain-text. It is always hashed when stored. We do not collect any other PII.
No. Users can be auto-enrolled in the background.
No. IDEE follows privacy by design principles. We do not store any private customer data (PII).
No Problem. We offer secure recovery mechanisms to restore access on a new device and let you immediately delete lost devices.
Really quickly. We support common standards such as SAML, OIDC, RADIUS, and many more to make integration quick and easy.
Yes. We can provide you with our white-label app. We also support WebAuthN for web-only use cases.
Once an Azure AD is federated, users need to be added using Microsoft Graph Explorer. Here are the steps for the Microsoft Graph Explorer:
1. Sign into the Microsoft Graph Explorer here (https://developer.microsoft.com/en-us/graph/graph-explorer) using your Azure admin account.
2. After you have signed in click on the 3 dots next to your profile and 'SELECT PERMISSIONS.
3. Please add the following permissions: User.ReadWrite.All and Directory.ReadWrite.All.
4. Go to Sample Queries. Find and select 'CREATE USER' which will create an example in JSON.
5. Please copy the following code and update it to the user's particulars to create the user:
{
"accountEnabled": true,
"displayName": "FirstName LastName",
"mailNickname": "username",
"onPremisesImmutableId": "username@example.com",
"userPrincipalName": "username@example.com",
"mail": "username@example.com",
"givenName": "FirstName", "surname": "LastName",
"passwordProfile" : { "forceChangePasswordNextSignIn": true,
"password": "<password>" }
}
For domains that are Azure AD only and federated, it is currently not possible to login directly to the domain from a PC. The user needs to log-in to a local account on the PC first and then go under Settings\System\About and click on Join Azure AD. Thereafter the user can follow the Web-AuthN or AuthN registration flow to add the PC to the domain.
Please use the following command: Set-MsolDomainAuthentication -DomainName $domain -Authentication managed
Probably there are multiple keys for your account stored in the security chip that makes WebAuthN possible. Please clear your security chip and thereafter follow the registration steps for WebAuthN.
Please check if you have an anti virus software enabled that automatically clicks on links in emails. If yes, please disable it and try again.
It may take up to 5 minutes for changes to an integration to go live. If after 5 minutes, the integration, is still not active please make sure your integration details are correct.
Currently, only an existing ZTP owner receives an invitation. Make sure the admin you want to invite is registered on ZTP already.