MFA Passkey set up under iOS (iPhone, iPad) (English)
MFA Passkey set up under iOS (iPhone, iPad)
Important notice:
To be able to set up the passkey, you must have a valid user account (BA number + corresponding password) and a Codematrix.
Passkey should be set up first on the work computer as it is available to you.
If you have enabled MFA, you must use it to log in to all devices. We recommend that you perform the setup on all devices and set up at least 2 devices, as the code matrix does not need to be used for a new setup if one device is broken.
Settings change
The first step is to adjust the settings accordingly. To do this, open the Apple ID menu item in the settings and then go to the iCloud option. There you will find the Passwords & Keychain function.
Now activate iCloud Passwords & iCloud Keychain with the option “Synchronize this iPad (iPhone)”.
Screenschot 1: iClouds Passwords & Keychain
Further settings must be changed. To do this, search for the Safari app in the Settings menu. Then, in the Safari settings, deactivate the slider for Block pop-ups under the General menu item.
Screenshot 2: Pop-ups block deactivate
Passkey roll out
Note!
If you are already logged in to the IAM-Portal, follow the instructions.
If you want to set up Passkey on another device, first log in to the IAM-Portal on the device on which you have already rolled up Passkey. Create the registration code. And follow the instructions in the section Create Passkey on the new device.
Registration code create
To roll out the passkey, open the web application IAM-Portal - Create registration code.
Screenshot 3: Create registration code in the IAM-Portal Menu
Your registration code will be displayed there. Please copy it and note that the code is only valid for 30 minutes.
Screenshot 4: Generate registration code in the IAM-Portal menu
The code matrix and registration code should be displayed for selection as a login option.
Please enter the previously copied registration code in the field provided on the Getpasskey and click on Validate on the website.
Screenshot 5: Login to Passkey's Uni-Bamberg under Shibboleth
Select the menu item Enroll Token.
As you have to roll out a passkey for each device, it is advisable to define a description accordingly. Therefore, assign a corresponding name under Description, such as ‘Laptop login’. Confirm this with Enroll Token.
Screenshot 6: Describing the token name and enroll the token on the website
The temporary pop-up message ‘getpasskey.iam.uni-bamberg.de requests extended information...’ will then be displayed. Please select the Allow option promptly. Otherwise the token will be deactivated and deleted.
Screenshot 7: Confirmation of the notification about the roll-out of the tokens on the website
If the passkey has been successfully stored, you will receive the message The token has been rolled out in the next window.
Otherwise, select iCloud Keychain in the window that opens and confirm with Continue.
Select Activate in the menu and click on Apply. The notification ‘Passkey login has been activated’ is displayed as confirmation.
To deactivate the passkey login, select Deactivate in the menu and then Apply.
Screenshot 9: Passkey activate
Manage passkeys
Passkeys are managed via the IAM-Portal (iam.uni-bamberg.de). You can deactivate or delete your passkeys under the menu item Manage Passkeys. Please note that the corresponding passkey must be deleted immediately if the device is lost or stolen.
Screenshot 4: Passkeys in IAM-Portal manage
Emergency login with Codematrix
Please use Codematrix only in an emergency situation if the passkey login is not available. Follow the steps on the Codematrix information page.
