Onboarding and Authentication

The onboarding functionality gives a user access to On Key, which enables the user to log into On Key for the first time.

A user has to onboard, before authentication can occur. The authentication is handled by an authentication provider.

Onboarding

When onboarding a new user, an administrator or super user will send an email containing an invite link from On Key.

Please note, this email link can only be used once as the authentication token in the link will be deleted.

Onboard a new user

  1. From the On Key main menu, click User Access Management > Users. The User dashboard opens.
  2. Select the user from the list in the grid or open the user's edit screen and create a new user. This must be a user that has never logged into On Key yet.
  3. Use the Send Invite custom action in the Assist panel in the sidebar.

Result

The invite containing the link will be sent the user's email address.

Authentication

Clicking the link will direct the user an authentication screen. The authentication provider that has been set up for your organisation to proceed with logging in to On Key.

On Key uses authentication providers to manage the login process. An authentication provider needs to be selected to complete the login process. On Key supports a number of authentication providers.

A user will need to authenticate after onboarding, as well as every time when logging into On Key. The user will be authenticated by the authentication provider that their organisation makes use of.

Authenticate a user

  1. Select your organisation's preferred authentication provider from the list. From this point on, the prompts will be from the authentication provider.
  2. Once authenticated and logged into On Key, the Authentications tab on the user will be autopopulated with the authentication provider. Refer to User Screen for more information.

The default time for the user to remain active in On Key is one hour. If the user has not performed any actions in that hour, the token will expire and a new token will be requested. However, this is an automatic process and the authentication will take place in the background.

To restrict a user's access to On Key, the user can be removed from the authentication provider or Is Authentication Disabled can be set to true for the user. Refer to User Screen for more information.

Keep in mind

  • From the User screen, the Enable User Authentication and Disable User Authentication custom actions can be toggled in the Assist panel in the sidebar.
  • From the User dashboard, users can be multi-selected and authentication can be set in bulk by selecting Enable User Authentication or Disable User Authentication custom actions in the Assist panel in the sidebar. The authentication of the current user cannot be included in the bulk setting.