Skip to main content

Enrollment Preferences Policy

With the introduction of the Enrollment Preferences policy, the administrators can use the Enrollment Preferences tab under the Authentication menu to allow the first-time users to enroll their mobile or landline numbers to enable additional multi factor authentication (MFA) methods such as SMS OTP or voice OTP for the user after providing their passwords. Additionally, end users are allowed to onboard their devices using the BlockID app for experiencing the passwordless access on the first-time login.

  • Passwordless Access on BlockID App : Enable this option to allow users to onboard their devices for passwordless login. Prior to enrolling their device, users need to have the BlockID mobile app installed.
  • Mobile Phone : Enable this option to associate your mobile number to receive the OTP via SMS during authentication.
  • Landline : Enable this option to receive the OTP to the configured number through a voice call. By adopting this feature, users can associate appropriate authenticators for securely accessing the 1Kosmos application.

Enabling Multi Factor Authentication (MFA) for First-Time Login Users

To enable the additional MFA factors for the first-time login users, follow these steps:

  1. Navigate to the AdminX interface.

  2. Go to Authentication > Enrollment Preferences. The Enrollment Preferences page is displayed.

  3. Turn the First time login enrollment factors slider ON.

  4. In the Initial Sign in MFA Enrollment policy section, enable the appropriate authenticators such as Passwordless Access on BlockID App, Mobile phone and Landline.

  5. Click Save.

To enroll the BlockID

Enrolling Mobile or Landline through Login Screen

Once the community administrator has enabled the Enrollment Preferences setting in the AdminX interface, the first-time login users can associate their mobile or landline details to seamlessly login into AdminX.

Prerequisites:

Following are the prerequisites to be possessed for a seamless login:

  • The user must be logging into AdminX for the first time but must be part of one of the preferred user stores.
  • Make sure that the administrator has enabled the First time login enrollment factors setting under the Enrollment Preferences tab followed by the enablement of at least one authenticator such as Mobile or Landline.

To enroll your mobile or landline number, follow these steps:

  1. Open the AdminX URL.

  2. Navigate to the USERNAME tab to specify the username and click Next.

  3. Enter your password and click Next.

  4. In the Choose an authentication method screen, click Setup MFA.

  5. In the Setup multifactor authentication screen, select either Setup SMS Authentication or Setup Voice Call Authentication as shown below:

    • If you select the Setup SMS Authentication option, the Enroll a mobile number screen is displayed as shown below; Specify your mobile number by selecting the appropriate country code and click Next.

    • If you select the Setup Voice Call Authentication option, the Enroll a landline number screen appears; Specify your landline number by selecting the appropriate country code and click Next.

  6. In the Enter your verification code screen, enter the code received in your mobile or through the voice call.

After entering the code, the screen notifies the user that the phone number has been to the profile. The following screenshot illustrates the same:

Enrolling Devices through BlockID App

Prior to the enrollment process, community administrators must have enabled the Passwordless Access on BlockID App setting in Initial Sign in the MFA Enrollment policy section under the Authentication > Enrollment Preferences tab.

To enroll the user's device using the BlockID app, follow these steps:

  1. Navigate to the Sign in page of your tenant and enter the username who must be onboarded and click Next.

  2. Enter the password and click Next.

  3. Click Setup MFA.

  4. Select Setup BlockID App.

  5. Download the BlockID app specific to your device if you have not installed it. If you have installed the app, then click the I already have the app link.

  6. Scan the QR code.

  7. The login page notifies users that a new device has been added for the passwordless login. Click Let’s try a login.

  8. Scan the QR code using the BlockID app. You have successfully logged in.