Admins can automatically import users and groups into the IDmelon credential lifecycle management platform from Entra ID (formerly Azure AD), from a CSV file, or via the SCIM protocol.
Admins then assign FIDO2 form factors through a simple process that onboards users' new or already deployed smartphones, cards / ID badges, and key fobs as FIDO2 USB security keys.
IT admins can also create security policies for security keys, such as time or location restrictions.
Because organizations leverage existing devices and don't need to make any changes to their existing infrastructure, they can deploy passwordless overnight without dealing with the challenges that physical key deployment entails.
Our solution simplifies the overall organizational transition to passwordless, allowing you to scale as you grow, adapt to your changing needs, and support all your different use cases and scenarios.
The ability to use existing devices and to offer the security key as a service enables organizations of all sizes to deploy quickly and affordably without dealing with hardware key deployment challenges.
In some industries, especially manufacturing, it may be difficult for the workforce to perform basic tasks related to security key registration. IDmelon Orchestrate helps administrators carry out basic onboarding activities simply and quickly on behalf of their users. It gives admins an automated process to add users, assign security keys, create security policies, and even register credentials on their behalf (OBR) with automated user provisioning. The only thing left for users to start a passwordless digital life is to receive their security keys via email.
To meet organizations' needs, admins can set authentication policies that limit the access of different user groups. This gives organizations full control over their users' access by creating and applying new policies to users' security keys. Security key policies can limit users' access based on multiple conditions, such as time period, IP address, type of security key (smartphone, card, etc.), the PC that the login request is coming from, the relying party (RP) that the user is trying to reach, and the location that the user is trying to log in from.