Specops:ID

Specops:ID is a mobile app that lets users authenticate with Specops Authentication using their mobile device's biometrics, such as fingerprint or facial recognition.

Configuring Specops:ID

In this section, you can configure Specops:ID to send push notifications, require biometrics for added security, and add a QR code or number code challenge for an additional layer of security. The challenge is presented to the user before they can authenticate using biometrics.

Notes on Biometrics Mode

Biometrics can be used during enrollment only, during both enrollment and authentication, or disabled completely. For example, if At enroll and authenticate is selected, users are prompted to use biometrics during both enrollment and authentication in the Specops:ID mobile app.

Review the following options and important notes for Biometrics Mode:

At enroll: Uses biometrics during enrollment.
At enroll and authenticate: Uses biometrics during enrollment and login. If you change to this setting, users who enrolled while Disabled was active will not be able to authenticate and those users will have to re-enroll.
Disabled: Disables biometrics as authentication method. If users enroll while this setting is active, their enrollments will not work with biometrics. If you later change to At enroll and authenticate, any user who has enrolled will have to re-enroll.

Configuration steps

In Specops Authentication Web, go to Identity Services and select Specops:ID.
Open the Settings tab.
1. For Biometrics Mode, see Notes on Biometrics Modes
2. For Challenge Type, select the type of challenge you want to present to your users:
  - None, to let users authenticate in the Specops:ID mobile app without any extra challenges. This is the default setting.
  - QR, users must scan a QR code in the Specops:ID mobile app before they can authenticate using biometrics.
  - Number Input, users must enter a number code in the Specops:ID mobile app before they can authenticate using biometrics.
Open the Notifications tab. From here, you can configure push notifications to notify users and administrators about system events.
1. Click Add.
2. Select an event type from the Event drop-down and a delivery method from the Action drop-down.
3. Click Next and configure the required settings. See Notifications for more information.
4. Click Save.

Enrolling with Specops:ID

Download the app from AppStore or Google Play Store and install it on your mobile device.
Go to the Specops Authentication Web, open the Enroll page and choose to enroll with Specops:ID.
Start the Specops:ID mobile app and click on Connect work account.
Scan the QR code that is displayed on Specops Authentication Web and authenticate using the phone's biometrics.

Note

You can also scan the QR code with your mobile phone’s camera instead of opening the app.
The Specops Authentication screen will show that you have enrolled with the Specops:ID identity service.

Authenticating with Specops:ID

After logging in with your Windows credentials, choose Specops:ID as authentication method. If you used Specops:ID to authenticate the last time you logged in, it is automatically selected.
Start the Specops:ID mobile app.
Tap Yes to authenticate.
You are logged in to your Windows account.

Specops:ID home screen

Here you can see your account name, account status, the date of your last password change, and the password expiration date. You can also reset your password using the Reset password link.

Tap the menu icon (...) at the top right to handle your account.
From here you can add a new account or remove the selected account.

Note

When removing a selected account, you must also remove the corresponding device for that account in Specops Authentication.

One-time codes

One-time codes is a method for generating short, time-limited codes used to verify your identity when logging in. These codes are generated based on the current time and a secret key shared by the server and the client. In this scenario, the Specops:ID mobile app is the client.

In Specops:ID, there are two kinds of one-time codes:

Secure Access: For Secure Access, the one-time codes serve as a fallback authentication method that can be used if your computer is offline or if the Specops Cloud services are temporarily unavailable. These codes are automatically saved in the Secure Access section of Specops:ID when you complete a successful online authentication for Secure Access.

Note

The codes are unique to each individual computer. If you have used Specops:ID to log in to multiple computers, you will see a separate code for each computer. Be sure to select the correct code.
Other Codes: Besides Secure Access, one-time codes can also be added from any third party system that uses time-based one-time codes for two-factor authentication.

If a third party system displays a QR code and asks you to add it to your authenticator app or similar, you have the option to scan the QR code from Specops:ID. Any one-time code added this way will appear in the Other Codes section. There is also the option to add a code by entering the secret key manually.

Settings

From here, you can configure theme, language, and telemetry consent. You can also view the mobile app version and debug log information.