If a computer is used by several people, it is mandatory that everyone logs in with their personal BA number. A local user account with which several people work may therefore not be used.
No MFA login may be set up with a technical account.
Please note!
If you want to set up Passkey on another end device, first log in to the IAM portal on the end device on which you have already rolled up Passkey. Generate the confirmation code. And follow the instructions in the section Create Passkesy on antoher device on the new end device.
Create passkey on the first device
To roll out the passkey on your first computer, open the website https://getpasskey.iam.uni-bamberg.de/ with your BA-Number and the corresponding password.
After successfully registering, follow the instructions starting from the Roll out token.
Figure 1: Getpasskey registration via Shibboleth
Create passkey on another device
First log in to the IAM portal on the end device on which you have already rolled up Passkey. Generate the confirmation code.
The code matrix and the confirmation code should be displayed for selection as a registration option.
Please enter the previously copied confirmation code in the field provided on the Getpasskey page and click on Check.
Figure 2: Logging in to Passkey's Uni-Bamberg through Shibboleth
Roll out token
Select the menu item Enroll Token.
As you have to roll out a passkey for each device, it is advisable to define a description accordingly. Therefore, assign a corresponding name under Description, such as “Laptop login”. Confirm this with Enroll Token.
Figure 3: Describing the token name and enroll the token on the website
The temporary pop-up message “getpasskey.iam.uni-bamberg.de requests extended information...” will then be displayed. Please select the “Allow” option promptly. Otherwise the token will be deactivated and deleted.
Figure 4: Allow an access to saved passkeys
If the passkey has been successfully stored, you will receive the message The token has been rolled out in the next window.
Figure 5: Passkey successfully rolled out
Otherwise, select iCloud Keychain in the window that opens and confirm with Continue.
Screenshot 6: Create Passkey on passkey site
Bitte achten Sie darauf, dass Sie, sollte dies erforderlich sein, bei der Passkey-Ersetzung Ihr eigenes Kennwort für die Gerätesperre und nicht das Passwort Ihrer BA-Nummer angeben müssen. Bestätigen Sie danach mit Fortfahren.
Figure 7: Allow passkey replacement with the device password
If you use several web browsers in parallel, they should all work with one passkey without any problems. However, additional authorisations may be requested when logging in. Screenshot 11 show an example of logging in with the Chrome web browser.
Figure 8: Chrome login under iCloud Keychain
Manage passkeys
Passkeys are managed via the IAM portal (iam.uni-bamberg.de). You can deactivate or delete your passkeys under the menu item Manage Passkeys. Please note that the corresponding passkey must be deleted immediately if the device is lost or stolen.
