Enable passkeys

This topic describes how to configure a passkey in your tenant so you can select it as a unique factor in the authentication profile.

A passkey enables authentication without the use of usernames or passwords and is stored in the user's device. You can enable and disable passkey enrollment and authentication. This allows you to choose whether authentication enrollment will be enabled or disabled for new devices. Once configured, users can set up a passkey for user authentication.

Passkeys are not supported for endpoints and embedded widgets.

There is a maximum of five registered passkeys.

Set the policy to use with passkeys

The following procedure describes how to enable enrollment of passkeys and how to select it as an authentication mechanism.

  1. Go to Core Services > Policies to select the policy you want to use.

  2. In the policy, go to User Security Policies > User Account Settings and select Yes next to Enable passkey authentication.

  3. Click Yes next to Enable passkey enrollment. This enables users to enroll with a passkey.

    If you select No, and a user has already enrolled a passkey to the User Portal, then authentication with passkeys is allowed.

    (Optional) You can select Yes next to Prompt users to setup a passkey on login to enable a wizard.

  4. You can use the authentication profile required to configure the passkey drop-down menu. See create an authentication profile for more information.

  5. Click Save.


Create authentication profiles