How do I share a third party token between users

edited February 2021 in AuthPoint - General
We have a client that use websites that don’t support Saml. The site is 2fa only and only have one user account.

Example post-NL /TNT expres
The have one login to print package labels
Only when we activate 2fa for that site we can only activate one token for one user.
Only the web page is used by different user because the don’t all work full one.

Is there way to sync third party token between users like it can be sync between device from the user.

Best Answer

  • james.carsonjames.carson Moderator, WatchGuard Representative
    Answer ✓

    @ConnectNow
    If you're using a 3rd party (non-authpoint) token, you can click the 3 dots (more) button next to that token, and select migrate token. A barcode will appear, which you can scan with another phone. The token should appear on the new phone, and it also stays on the old phone.

    -James Carson
    WatchGuard Customer Support

Answers

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @ConnectNow

    It's not possible to share AuthPoint tokens between users by design. Attempting to migrate it to another device will remove it from the current device. I would suggest users for each user that needs to access the resource, or sharing a hardware MFA token so it's not tied to one person's phone.

    For 3rd party OATH tokens, you can scan the barcode multiple times, once on each device.

    -James Carson
    WatchGuard Customer Support

  • > @James_Carson said:
    > Hi @ConnectNow
    >
    > It's not possible to share AuthPoint tokens between users by design. Attempting to migrate it to another device will remove it from the current device. I would suggest users for each user that needs to access the resource, or sharing a hardware MFA token so it's not tied to one person's phone.
    >
    > For 3rd party OATH tokens, you can scan the barcode multiple times, once on each device.


    AuthPoint tokens are not the issue.
    It is about 3rd party

    Scanning the QR code is not a real option ever time there is a new employee alle the employees has to scan the QR code again.

    It would be nice if it would possible to scan the 3rd party QR ones and share it between AuthPoint users/devices

    And a authpoint central manageable password manager would be create. So we can assign passwords to user and let them login via password autofill

    Now we have to use Avast password for that’s So we have maintain two platforms but we prefer to use the authpoint platform.
  • edited February 2021
    > @James_Carson said:
    > @ConnectNow
    > If you're using a 3rd party (non-authpoint) token, you can click the 3 dots (more) button next to that token, and select migrate token. A barcode will appear, which you can scan with another phone. The token should appear on the new phone, and it also stays on the old phone.

    Yes I know.
    Problem employe leaves the company. How to withdraw that employee from access? Without impacting all other employees that use that login?

    For the time being we try this multi scan QR option . And I will setup a Bitwarden password server for or authpoint /panda users.

    Thanks for your help
  • james.carsonjames.carson Moderator, WatchGuard Representative

    @ConnectNow
    You'd need to remove that token on the service that supplied it, and deploy a new one. There's no way to reach out to the device with regular OATH tokens.

    -James Carson
    WatchGuard Customer Support

  • "Problem employee leaves the company. How to withdraw that employee from access? Without impacting all other employees that use that login?"

    Change the password for the single login account and give it to all currently authorized users. Yes, it's a change for each user, but it's a heck of a lot easier than changing the tokens for them.

    Gregg Hill

  • @Greggmh123 said:
    "Problem employee leaves the company. How to withdraw that employee from access? Without impacting all other employees that use that login?"

    Change the password for the single login account and give it to all currently authorized users. Yes, it's a change for each user, but it's a heck of a lot easier than changing the tokens for them.

    That why other managet token apps /sso platform can share/sync 3rd party tokens between user ;-) and just wonder why authpoint is not. Authpoint can only cloud sync 3rd party tokens with multiple devices like iPhone and iPad from the same user.

Sign In to comment.