ºÚÁϺ£½Ç91Èë¿Ú

ºÚÁϺ£½Ç91Èë¿Ú Mobile Admin App Overview

ºÚÁϺ£½Ç91Èë¿Ú Admin lets a ºÚÁϺ£½Ç91Èë¿Ú administrator or a help desk person resolve common helpdesk requests on-the-go. You can unlock user accounts, force a user password change, remove MFA requirements, and see event logs for each user.

Prerequisites

  • iOS: version 13 or greater
  • Android: version 8 or greater

Overview of ºÚÁϺ£½Ç91Èë¿Ú Admin

The ºÚÁϺ£½Ç91Èë¿Ú Admin mobile app gives an IT admin or support technician the ability to troubleshoot and handle quick requests from their phone. These tasks include unlocking a user’s account or resetting MFA. 

Larger workflows will continue to be handled from the ºÚÁϺ£½Ç91Èë¿Ú portal.

Note:
  • The dashboard shows users with Account Locked Out or Expired Passwords.
  • The User screen shows all users

Supported Functionality

  • View status:
    • Admins can view an organizations’ users, and user states and statuses (locked out, suspended, and MFA).
    • Admins can view Settings to determine app version, terms and conditions, and opt out of usage and quality data collection.
  • User lifecycle functions
    • Admins can suspend and restore a user's account.
  • Troubleshooting user lockouts
    • Admins can unlock a user’s account, reset a user’s MFA (TOTP, Push, WebAuthn), and force a password change.

Using the ºÚÁϺ£½Ç91Èë¿Ú Admin Mobile App

  1. Open the ºÚÁϺ£½Ç91Èë¿Ú Admin app on your mobile device.
  2. Log in with your ºÚÁϺ£½Ç91Èë¿Ú admin credentials.
    1. If TOTP MFA is required, you must input your TOTP code to authorize the ºÚÁϺ£½Ç91Èë¿Ú Admin mobile app.

Use Cases

  1. Unlock a user's account
  2. Reset and re-enroll a user's MFA
  3. Remove a user's MFA requirement 

Use Case 1: Unlock a User’s Account

Scenario: A user contacted the help desk because their ºÚÁϺ£½Ç91Èë¿Ú account is locked. How do I unlock this user’s account?

  1. On your mobile device, open the ºÚÁϺ£½Ç91Èë¿Ú Admin app.
  2. Log in with your ºÚÁϺ£½Ç91Èë¿Ú admin credentials.

Note:

You can set up ºÚÁϺ£½Ç91Èë¿Ú Admin to log in using Face ID (iOS) or Fingerprint (Android).

  1. Tap on Accounts Locked Out and select the user you want to unlock. 
  2. Scroll down to Directory Activities and review what triggered the lock. If you see suspicious behavior or patterns, investigate further.
  3. If the account unlock request is legitimate, tap Unlock User Account

Note:
  • Unlock User Account will reset the failed login counter for this user immediately.
  • If you set an automatic time-based security setting for locked accounts in your Security policy, such as requiring the user to wait 30 minutes before they can try to log in again, Unlock User Account will also bypass this setting.
  1. Manually notify the user that their account is unlocked.

Note:

There is not an automatic notification system to inform the user their account is unlocked.

Use Case 2: Reset a User’s MFA

Scenario: A user lost their mobile device, or upgraded their smartphone and forgot to re-register their MFA client, and now they can’t log in to their ºÚÁϺ£½Ç91Èë¿Ú Portal because they lost access to ºÚÁϺ£½Ç91Èë¿Ú Protect, Google Authenticator, Duo, or a similar OTP app. How do I reset the user’s MFA on their account so they can re-enroll MFA on next login?

  1. On your mobile device, open the ºÚÁϺ£½Ç91Èë¿Ú Admin app.
  2. Log in with your ºÚÁϺ£½Ç91Èë¿Ú admin credentials.

Note:

You can set up ºÚÁϺ£½Ç91Èë¿Ú Admin to log in using Face ID (iOS) or Fingerprint (Android).

  1. Tap on Total Users and select the appropriate user.

Note:

If users have a lock icon next to their name, it means the user has an MFA app configured.

  1. Scroll down to Directory Activities and investigate to determine if there is any suspicious activity.
  2. If there is no suspicious activity, tap Reset TOTP MFA.
  3. Manually notify the user that their account is unlocked.

Note:

There is not an automatic notification system to inform the user their account is unlocked.

Use Case 3: Remove a User’s MFA Requirement

Scenario: A user temporarily lost or misplaced their mobile device and can’t access the ºÚÁϺ£½Ç91Èë¿Ú Portal because they don’t have access to ºÚÁϺ£½Ç91Èë¿Ú Protect or a similar OTP app. How do I allow the user to sign in without MFA? 

  1. On your mobile device, open the ºÚÁϺ£½Ç91Èë¿Ú Admin app.
  2. Log in with your ºÚÁϺ£½Ç91Èë¿Ú admin credentials.

Note:

You can set up ºÚÁϺ£½Ç91Èë¿Ú Admin to log in using Face ID (iOS) or Fingerprint (Android).

  1. Tap on Total Users and select the appropriate user.

Note:

If users have a lock icon next to their name, it means the user has an MFA app configured. 

  1. Scroll down to Directory Activities and investigate to determine if there is any suspicious activity.
  2. If there is no suspicious activity, tap Remove MFA Requirement.

Note:

ou can remove a user’s MFA requirement from the ºÚÁϺ£½Ç91Èë¿Ú Admin mobile app, but you cannot re-enable MFA from the mobile app. To re-enable a user’s MFA, you must use the ºÚÁϺ£½Ç91Èë¿Ú Admin Console.

  1. Manually notify the user that you removed their MFA login requirement.

Note:

When the user regains access to their mobile device, you must re-enable their MFA. For more information, see ºÚÁϺ£½Ç91Èë¿Ú MFA Guide.

  1. When the time comes, re-enable MFA for the user.
    1. From the ºÚÁϺ£½Ç91Èë¿Ú Admin Console, go to Users > User > Details > User Security Settings and Permissions and select Require Multi-factor Authentication on the User Portal.
Back to Top

List IconIn this Article

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case