An invited admin is allowed to invite new users to their own integration(s).

Only the owner of an integration can add/invite another admin.

No, you can invite admins with any email address.

Currently , only an existing admin can receive an invitation.

Please make sure that the admin you want to invite is already registered on our Integration Portal.

Yes, you can get a branded setup for your integrations, inlcuding app, login pages, emails, and self-service portal.

It may take up to 5 minutes for changes to apply. If the integration after 5 minutes is still not taking effect please make sure your integration details are correct.

A backup allows the admin to add a new device to their account using the backup code. Thereafter, the admin has full access to their account.

Without a backup code a new device can only be added by proving possession of the mailbox and then resetting your account. Resetting your account means all existing devices are deleted and admin access on the account is revoked. To regain admin access on the account, please submit a support ticket here: https://www.getidee.com/support

Go to https://authn.getidee.de and scan the QR-Code with the App. You can either use AuthN by IDEE app or your branded AuthN App from IDEE.

You can use the AuthN app or your branded app.

Yes. In order to use the Integration Portal with your authenticator, you need to use the same email address you used when registering for the Integration Portal with your authenticator. Your email address is your account identifier.

If you recently reset your account, access to your Integration Portal was removed. Please create a ticket here to regain access: https://www.getidee.com/support.

The system administrator that is responsible for a specific integration(s) should create an account on the Integration Portal. In order to share an integration with another adminstrator, each adminstrator needs to create an account on the Integration Portal prior to sharing.

To test AuthN with Mircosoft products, we recommend setting up a separate domain and using the Integration Portal.

Once the integration is setup, the user is automatically re-directed to the AuthN login page or the branded login page. On the login page the user is then asked to follow the setps to enable Secure Magic-Link, Web-AuthN or the AuthN app depending on the configuration. Thereafter, the user can instantly login to the application.

Once the user is deleted on your IAM system, the user can no longer access any of your systems. Our clients can automatically delete that account on IDEE by leveraging SCIM.

The root account of your domain cannot be federated. For example, the Microsoft Azure AD root account, onmicrosoft.com, is always accessible by using your username, password, and token.

The invitation link can only be used once by the user who has received the link. The link is tied to the email address that was used when it was created. The user cannot change it.

The app language is based on the device language when the device was added and it is automatically set. It cannot be changed.

Probably there are multiple keys for your account stored in the TPM. Here is a guide how to delete them on a Windows PC:

1. Run CMD as administrator → type ‘Command Prompt’ in search bar on Windows, right click and select ‘Run as administrator'

2. In the CMD screen type: certutil -csp NGC -key

This will list all the keys. You’ll see the key in this format: `<sid>/<guid>/FIDO_AUTHENTICATOR//<rpIdHash>_<user id>`

3. Copy the key manually (without the ‘RSA’ at the end), and type in the next command providing the copied key:

certutil -csp NGC -delkey <key>

Press enter.

You should see ‘CertUtil: -delkey command completed successfully’

4. Repeat 3. step for every key.

‍

Here is a guide how to delete them on a Mac:

‍

1. Go to Safari > History

2. Click on Clear History. Please note this will clear all your History in addition to deleting your Web-AuthN keys.

Web-AuthN is currently not supported on Chrome Incognito mode on Windows 10 20H2. It is however supported on MacOS 11.6 and later.

'Please create a ticket here to report a bug or make a feature request: https://www.getidee.com/support/product-request

'Please create a ticket here to report a security incident: https://www.getidee.com/support/report-security-incident

'The AuthN app works on any smartphone or tablet with the following OS versions:-

Android version 6.0 or higher

- Apple iPhone with IOS 11 or higher

Web-AuthN works on any computer with a TPM chip (internal or external) and the following browsers:-

Microsoft Edge

- Chrome

- Safari

- Internet Explorer 7 or higher

Currently, we support one account per authenticator app. If you choose the branded option, you can use our AuthN app and your branded app. This way you can use two different accounts.

A work around for Android:Certain phones with Android 10 and later support Dual-apps. With this feature you can use AuthN in dual-app mode to access two separate mailboxes.

A general work around:M365 offers delegated access. You can find the M365 documentation here: https://support.microsoft.com/en-gb/office/access-another-person-s-mailbox-a909ad30-e413-40b5-a487-0ea70b763081#__toc372210362"

With Web-AuthN, multiple accounts can be setup on a single device.

Each adminstrator can share their integration(s) with other adminstrators via the Integration Portal. Sharing is only possible if the other adminstrator has an account on the Integration Portal.

If your account has active integrations on the Integration Portal you are not allowed to delete your account. You first need to go to the Integration Portal and delete all active integrations or create a ticket to transfer all integrations to another admin. You also need to revoke access to integrations you have shared with other admins. Thereafter, you can delete your account via the Self-service Portal (SSP).

Please ask an admin who is managing your email integration with AuthN to send you a one-time use magic-link for account recovery. This will allow you to enable your AuthN app as an authenticator. Thereafter you can access your mailbox by using AuthN.

If you do not have your backup code you need to reset your account. To obtain access to your integrations on the Integration Portal, please create a ticket here: https://www.getidee.com/support.

Please ask an admin who is managing your email integration with AuthN to send you a one-time use magic-link for account recovery. Thereafter, you can reset your account and enable AuthN. Once AuthN is enabled you can authenticate to your mailbox. To obtain access to your integrations on the Integration Portal, please create a ticket here: https://www.getidee.com/support.

All authenticator devices are deleted and access to the Integration Portal is removed. You need to contact IDEE to regain access to the Integration Portal. To obtain access to your integrations on the Integration Portal, please create a ticket here: https://www.getidee.com/support.

Please check if you have an anti virus software enabled that automatically clicks on links in emails. If yes, please disable it for internet and try again.

App passwords created for service accounts prior to switching the domain from managed to federated will continue to work. If new app passwords need to be created, the admin needs to login to the service account and create new app passwords. When the admin tries to login to a service account, they will need to authenticate with AuthN.

Please ask an admin to send you a one-time use magic-link to login to your service account using Web-AuthN.

Yes. However, once you delete/disable an enterprise account, the user will no longer have access to your data.

The account language is based on the device language when the account was created and it is automatically set. It cannot be changed.

You can delete your device from your Self-Service Portal or from within your authenticator app.

On the Web-AuthN login page select Enable Another Account option to setup additional accounts on the same device.

Our links are one-time use only. Please make sure that your anti-virus or other cyber security protection software are not opening the link before it reaches your mailbox. If so, please add emails from getidee.de and getidee.com to your trusted sender list.

AuthN does not work without a device lock. Please enable device lock on your tablet, smartphone or computer. For iOS, iPadOS, and Android you need to enable screen lock, for your PC please enable Windows Hello, and for your Mac please enable TouchID.

If you disable device lock on your tablet, smartphone, or computer, AuthN will no longer function. You will have re-enable your device as an authenticator.

All authenticator devices are deleted from your account. You can thereafter add devices to your account.

Please ask an admin to send you a one-time use magic-link for account recovery. This link will allow you to setup a new authenticator device and thereafter you can access your mailbox.

No, when an enterprise account is deleted that account needs to be deleted manually on IDEE services (Integration Portal, AuthN User). However, when an account is deleted on your IAM platform, the user no longer can access your data.

Go to Settings -> Safari -> Request Desktop Website -> All websites.