End-user guide - inWebo Authenticator app

This documentation refers to inWebo Authenticator 6 installation and configuration.

Authenticator 4 application is no longer supported on recent versions of operating systems. The current Authenticator app that we recommend installing is Authenticator 6.

See the “Migrating from Authenticator 4 to Authenticator 6” documentation.

Download and installation

The inWebo Authenticator 6 App is available in your application store for the following operating systems: Android / iOS / Windows / macOS:

• For Android: https://play.google.com/store/apps/details?id=com.inwebo.near.prod

• For iOS: https://itunes.apple.com/us/app/inwebo-authenticator-6/id1398273229?mt=8

• For Microsoft Windows and macOS, installation files are available in our Downloads section: https://www.inwebo.com/en/downloads/

• For scripting and deployment purposes, the installation file for Microsoft Windows is also available in .MSI format

TIP

To upgrade Authenticator, you should use the same installation method (exe or msi) used to install the previous version.

To see if you have previously installed via the exe or via the msi, check the Authenticator 6 installation directory:

• for the exe, the installation directory is: C:\Program Files (x86)\Authenticator 6

• for the msi, the installation directory is: C:\Users\"User_Name"\AppData\Local\Programs\authenticator6

Update for Windows

When updating Authenticator 6, simply install the new version directly without uninstalling the previous one, this will allow you to keep the activated profiles of your Authenticator tools.
If you uninstall your Authenticator 6 application, you will lose the inWebo profiles activated on these tools.

To upgrade to Authenticator 6.14, you should upgrade from 6.12 only. Upgrading from Authenticator 6.8 to Authenticator 6.14 is not possible.

EXE file and MSI installers use different installation paths, so upgrading exe to msi or the other way around will not keep your users' enrollments. We recommend that you keep the same installation method (EXE or MSI) for deploying upgrades.

Getting started

inWebo Authenticator is a One-Time Password generator App that supports push notifications as well a fully offline mode. The main terms you may encounter are the following:

• Activation → action of enrolling, registering a device as a trusted authentication tool.

• Device → trusted authentication tool. It may be a mobile, a computer (desktop app) or a web-browser.

• OTP → the One-Time Password you can generate to log in.

• Service → the environment in which your account is registered. It is usually your company.

• Account → the space where your personal data is stored as a user in a service. You access your account settings from your Authenticator application.

• PIN code → the personal identification number (PIN) used for authentication. It is also required to validate an important action in your account.

First time use

To get started with Authenticator 6 app, you should first activate a device. To get a valid activation code for the first time, contact your administrator.

• Launch Authenticator 6 application.

• Check the “I agree” checkbox to give your consent to the Privacy Policy.

• Allow Authenticator 6 to take pictures (used to scan QR codes).

• Enter a valid activation code (contact your administrator) and click the validate button.

• Define a new PIN code.

Overview

The home page

Here you can see the standard actions you can perform by clicking on the items of the Authenticator 6 app home page.

Service name and logo When clicking on your service name and logo, "Authorize a connection", you can check pending authentication. Generate an OTP To generate an One-Time Password with this device, when it is needed My Devices To manage your trusted devices. You can also add a new trusted device. My Account To manage your PIN code, your Antiphishing security, or initiate the account recovery (when blocked).

The menu

Here you can see the standard actions you can perform by clicking on the items of the Authenticator 6 app sidebar menu.

Home To return to the home page. Generate an OTP To generate an One-Time Password with this device, when it is needed My Devices To manage your trusted devices. You can also add a new trusted device. My Account To manage your PIN code, your Antiphishing security, or initiate the account recovery (when blocked). Audit To consult your authentication activity Theme To switch between black or white app theme Language To switch the interface language of your App

Authentication

Depending on the authentication mode selected, you can receive push authentication requests on your mobile device (Authenticator mobile) or in the notification system of your computer (Authenticator Desktop).

• During the authentication process you receive notification. Click on the notification to launch the Authenticator 6 app.

• If requested, enter your PIN code and click the “Accept” button to validate this push authentication request.

• You are successfully authenticated. Close Authenticator 6 application.

Configuration

Accounts

Switching to a different account

The inWebo authentication application allows you to switch between inWebo accounts if you are subscribed to several inWebo services.

• In the inWebo Authenticator 6 app menu, click on "Accounts".

• You get access to your activated accounts list in inWebo Authenticator 6 app.

• Select the account you want to be authenticate with.

Adding a new account

• Click the “Add an Account” button at the bottom of your accounts list.

• You reach the activation page to add a new account on this device.

• Enter a valid Activation Code or scan a valid QR Code (ask your administrator).

Managing your current account

To manage your current account (the one you are currently authenticated with in Authenticator), click go to “My Account” section (from the Authenticator home page or from the sidebar menu).This section allow you to manage your PIN code, your Antiphishing security, or initiate the account recovery (when blocked).

Change your PIN Enter your old PIN code to change for a new one. Reset my PIN Code To enter a unlock code (given by your administrator) to unlock your PIN code when locked. Antiphishing To change your Antiphishing seal - You can define a personal and secret sentence to be displayed in browser-based authentication apps whenever a personal code is requested. This helps you to verify that you are connected to a legitimate inWebo server. Account recovery You can provide an email to receive an unlock or reactivation code in case of a loss or lock of your trusted devices. Register your Biokey (or Update your Biokey when already registered)You can provide an email to receive an unlock or reactivation code in case of a loss or lock of your trusted devices. Register your Biokey (available only if the administrator enabled the option) You can register or update your biokey.

My Devices

 This section will only be displayed if your administrator enabled the option in the inWebo administration console

When selecting "My Devices" section you can consult and manage the list of trusted devices.

	Available actions: To rename the trusted device. To lock a trusted device. To delete a trusted device. The trusted device correct status. To display details about the trusted device: the type → Authenticator application, browser-based Authenticator (VirtualAuthenticator or Helium) the last authentication with the trusted device (DD/MM/YYYY hh/mm/ss)

Audit

 This section will only be displayed if your administrator enabled the option in the inWebo administration console

This section allows you to consult the activity of your account of the inWebo platforms.

	Date: format DD/MM/YYYY hh/mm/ss Action: CREATE_USER → administrator created a user ACTIVATE → user is activated GET_OTP_FOR_SERVICE → GET_ACCESS_TOKEN_FOR_SERVICE → GENERATE_OTP → One-Time Password has been generated DELETE_DEVICE → a trusted device has been deleted UPDATE_USER → administrator updated user’s information