University of Bamberg
open search form
You are here

Service Institutions

University IT-Service

  1.  University of bamberg
  2. Weblogin
  3. Einmalanmeldung mit Shibboleth
  4. Administration and Institutions
  5. Service Institutions
  6. University IT-Service
  7. IT Services
  8. Login, Roles, Rights = IAM
  9. Passkey (English)
  10. MFA Passkey under macOS set up (english)

MFA Passkey set up under MacOS

Regulated rules:

  • If a computer is used by several people, it is mandatory that everyone logs in with their personal BA number. A local user account with which several people work may therefore not be used.
  • No MFA login may be set up with a technical account.

Important notice:

  • To be able to set up the passkey, you must have a valid user account (BA number + corresponding password) and a Codematrix.
  • Passkey should be set up first on the work computer as it is available to you.
  • If you have enabled MFA, you must use it to log in to all devices. We recommend that you perform the setup on all devices and set up at least 2 devices, as the code matrix does not need to be used for a new setup if one device is broken.
  • If you use the Safari web browser by default, please ensure that you allow Safari settings. There should be no problems with other web browsers.

Safari settings

To deactivate the cookie block in the Safari browser, call up Safari, open the browser settings and then click on Advanced on the right. The checkbox for Block all cookies must be unchecked.

Screenshot 1: Cookie settings in Safari activate
Screenshot 1: Cookie settings in Safari

Settings change

In the settings, search in Apple ID - iCloud - Passwords & Keychain. Note: If you cannot see the iCloud menu under Apple ID, sign out of your Apple ID and sign in again.
Turn on iCloud Keychain. You might be asked for your passcode or Apple ID password.

Screenshot 2: iCloud Passwords & Keychain in the settings activate
Screenshot 2: iCloud Passwords & Keychain

Please check that in the Settings - Passwords - Password options - Autofill Passwords and Passkeys was actived.

Screenshot 3: Password Options in the Settings
Screenshot 3: Password Options

Passkey setup

Please note!


If you are already logged in to the IAM portal, follow the instructions.
If you want to set up Passkey on a different device, first log in to the IAM portal on the device on which you have already set up Passkey. Create the registration code. Then follow the instructions in the 'Create Passkey' section on the new device.

Create registration code

To roll out the passkey, open the web application IAM-Portal - Create registration code.

Screenshot 4: Create registration code in the IAM portal
Screenshot 4: Create registration code in the IAM portal Menu

Your registration code will be displayed there. Please copy it and note that the code is only valid for 30 minutes.

Screenshot 5: Generate registration code in the IAM portal
Screenshot 5: Generate registration code in the IAM portal menu

Then follow the link to roll out the passkey: https://getpasskey.iam.uni-bamberg.de

The Codematrix and registration code should be displayed for selection as a login option.

Please enter the previously copied registration code in the field provided on the Getpasskey and click on “Check”.

Screenshot 6: Login to Passkey's Uni-Bamberg
Screenshot 6: Login to Passkey's Uni-Bamberg under Shibboleth

Select the menu item Enroll Token.

As you have to roll out a passkey for each device, it is advisable to define a description accordingly. Therefore, assign a corresponding name under Description, such as “Laptop login”. Confirm this with Enroll Token.

Screenshot 7: Describing the token name and enroll the token
Screenshot 7: Describing the token name and enroll the token on the website

The temporary pop-up message “getpasskey.iam.uni-bamberg.de requests extended information...” will then be displayed. Please select the “Allow” option promptly. Otherwise the token will be deactivated and deleted.

Screenshot 8: Allow an access to saved passkeys in webbrowser
Screenshot 8: Allow an access to saved passkeys

If the passkey has been successfully stored, you will receive the message The token has been rolled out in the next window.

Otherwise, select iCloud Keychain in the window that opens and confirm with Continue.

Screenshot 9: Create Passkey on site
Screenshot 9: Create Passkey on passkey site

If you use several web browsers in parallel, they should all work with one passkey without any problems. However, additional authorisations may be requested when logging in. Screenshot 11 show an example of logging in with the Chrome web browser.

Screenshot 7: Chrome Web-login with iCloud Keychain
Screenshot 11: Chrome login under iCloud Keychain

Passkey login activation in the IAM-Portal

The last step is to activate the passkey in the IAM portal under the following link:https://idp.iam.uni-bamberg.de/passkey Select Activate in the menu and click on Apply. The notification ‘Passkey login has been activated’ is displayed as confirmation. To deactivate the passkey login, select Deactivate in the menu and then Apply.

Screenshot 12: Activate the Passkey using Shibboleth
Screenshot 12: Activate the Passkey using Shibboleth

Manage passkeys

Passkeys are managed via the IAM portal (iam.uni-bamberg.de). You can deactivate or delete your passkeys under the menu item Manage Passkeys. Please note that the corresponding passkey must be deleted immediately if the device is lost or stolen.

Screenshot 13: Manage passkeys
Screenshot 13: Manage passkeys in the IAM-Portal

Emergency login with Codematrix

Please use Codematrix only in an emergency situation if the passkey login is not available. Follow the steps on the Codematrix information page.

Have you any futher questions?

IT-Support
Telephone: +49 951 863-1333
E-Mail: it-support(at)uni-bamberg.de