MFA Passkey under Android set up (Smartphone, Tablet) (English)
MFA Passkey set up under Android
Important notice:
To be able to set up the passkey, you must have a valid user account (BA number + corresponding password) and a Codematrix.
Passkey should be set up first on the work computer as it is available to you.
If you have enabled MFA, you must use it to log in to all devices. We recommend that you perform the setup on all devices and set up at least 2 devices, as the code matrix does not need to be used for a new setup if one device is broken.
Please note that for Android versions from Android 14, Passkey must first be set up via the Chrome browser.
Please note that the menu navigation may differ from our instructions depending on the manufacturer.
Enable login options on the tablet or on the smartphone
The first step is to enable MFA login options on your Android device. Navigate to Settings - Security and privacy - Device security or Lock screen. Select a login option (face recognition/fingerprint recognition is recommended) to add it. Once set up, restart the device to check the new login option.
Automatically synchronize passwords and accounts
In the settings, search for - Passwords and accounts. Then activate the automatic update with Synchronise data automatically.
Remove the password for “idp.iam.uni-bamberg” both from the password manager in the settings of your cell phone and from the settings of the Google web browser under the option Passwords, if it is saved there.
Passkey roll out
Please note!
If you are already logged into the IAM portal, follow the instructions.
If you want to set up Passkey on another end device, first log in to the IAM portal on the end device on which you have already rolled up Passkey. Create the registration code. And follow the instructions in the section Create Passkey on the new end device.
Create registration code
To roll out the passkey, open the web application IAM-Portal - Create registration code.
Screenshot 1: Create registration code in the IAM portal Menu
Your registration code will be displayed there. Please copy it and note that the code is only valid for 30 minutes.
Screenshot 2: Generate registration code in the IAM-Portal menu
The code matrix and registration code should be displayed for selection as a login option.
Please enter the previously copied registration code in the field provided on the Getpasskey and click on Validate on the website.
Screenshot 3: Login to Passkey's Uni-Bamberg under Shibboleth
Select the menu item Enroll Token.
As you have to roll out a passkey for each device, it is advisable to define a description accordingly. Therefore, assign a corresponding name under Description, such as ‘Laptop login’. Confirm this with Enroll Token.
Screenshot 4: Describing the token name and enroll the token on the website
The temporary pop-up message ‘getpasskey.iam.uni-bamberg.de requests extended information...’ will then be displayed. Please select the ‘Allow’ option promptly. Otherwise the token will be deactivated and deleted.
Screenshot 5: Confirmation of the notification about the roll-out of the tokens on the website
If the passkey has been successfully stored, you will receive the message The token has been rolled out in the next window.
Select Activate in the menu and confirm with Apply. The notification “Passkey login has been activated” is displayed as a sign of successful completion.
To deactivate the passkey login, select Deactivate in the menu and then Apply.
Figure 6: Activating the passkey in the IAM portal
Manage passkeys
Passkeys are managed via the IAM-Portal. You can deactivate or delete your passkeys under the menu item Manage Passkeys. Please note that the corresponding passkey must be deleted immediately if the device is lost or stolen.
Screenshots 7: Manage passkeys
Emergency login with Codematrix
Please use Codematrix only in an emergency situation if the passkey login is not available. Follow the steps on the Codematrix information page.
