Options

AuthPoint Welcome Email

shaazaminatorshaazaminator
in AuthPoint - General

My company is implementing AuthPoint to comply with our new CyberRisk insurance coverage.
I imported the first of my LDAP users and assigned them to a Group which worked fine.
Next thing I know all these users are contacting me wondering what this Watchguard welcome message is and why do they need to active an app on their mobile device?

Is there a way to keep this from happening until I've had a chance to implement, test, and slowly roll out Authpoint to a few select users? Having WG automatically send this email seems premature to me. I know I can resend the email, but I don't want it sent in the first place.

In the meantime I've told them to ignore the email.

Thanks !

It's usually something simple.

Comments

  • Options
    Tristan.ColoTristan.Colo
    edited February 2023

    @shaazaminator said:
    My company is implementing AuthPoint to comply with our new CyberRisk insurance coverage.
    I imported the first of my LDAP users and assigned them to a Group which worked fine.
    Next thing I know all these users are contacting me wondering what this Watchguard welcome message is and why do they need to active an app on their mobile device?

    Is there a way to keep this from happening until I've had a chance to implement, test, and slowly roll out Authpoint to a few select users? Having WG automatically send this email seems premature to me. I know I can resend the email, but I don't want it sent in the first place.

    In the meantime I've told them to ignore the email.

    Thanks !

    If this were for a new setup, my advice would have been to setup a test sync group to do the invites and to notadd anyone to that group except your test users. Once done then you can roll-out by using real groups. The only caveat to this is when it comes to the SAML integration with Microsoft 365 as that is an "all or nothing" for the domain you are federating.

    The AuthPoint LDAP and Azure sync is done in such a way that the moment a user is synced an invite will be sent. There is no way to delay the welcome email. This invite will expire after 48 hours.

    In this case, since you already have sent invites to a subset of users, I would just leave the users in AuthPoint, if some users activate tokens earlier than others it isn't a big deal.... once you are ready to deploy AuthPoint you can then select all users at once and resend the invites to those who don't tokens/ have pending invites.

    My go-to when deploying anything new is to make sure you don't use live groups when you are still testing a deployment. Use extra groups for testing and then convert to live groups once you have tested everything. Delete the test groups when done.

    If you go to learn.watchguard.com and review the AuthPoint courses there should be some info there on how AuthPoint deployment works.

    This getting started guide should also help (it even has some recommendations on how to test).

    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/authpoint/authpoint_quick_start.html

    Hope this info helps.

    ~T

  • Options
    shaazaminatorshaazaminator

    Hey @Tristan.Colo

    Thanks for the advice, and yeah, RTFM right?
    I did go through most all the tutorials before as I have MFA running for accessing servers and the firebox.
    Just completely missed the part about the welcome email, which was quite obvious upon second glance.
    In the meantime I'll stop importing users and work with the ones I have as my test subjects.
    Just trying to do too much too quickly.

    Thanks again,

    • Doug

    It's usually something simple.

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @shaazaminator
    I'd suggest stating with a smaller group, or make a group specific to your testing. As soon as AuthPoint gets new users, it automatically sends the email to start their enrolment.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.