Files of Indeed AM AirKey Provider reside in: indeed AM\Indeed AM Providers\Indeed AM AirKey Provider\<Version number>\
- IndeedAM.AuthProviders.AirKey.msi is the installation package of Indeed AirKey Provider.
About the Indeed AM AirKey Provider component
AirKey Provider requires AirKey Cloud Server installed.
A user should have Indeed AirKey application installed for authentication to work.
Installation
- Install AirKey Provider by running IndeedAM.AuthProviders.AirKey.msi installer.
- After the installation is complete, system restart might be necessary. If the installation wizard prompts to restart the system - confirm this action.
- The product removal/ restoring is carried out using the standard procedure for the supported operating systems, via Control panel menu.
Provider configuration
- Run Windows registry editor.
- Create AirKey key with nested value in HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Indeed-ID\BSPs section.
Create a string parameter named ServerUrl in AirKey section and specify the URL of your Indeed AirKeyCloudServer in it.
You should specify the URL from "ServerUrl" parameter of AirKey Cloud Server configuration file.
- Restart IIS server.
Configuring the smartphone application
Certificate configuration.
Certificate configuration is required if SSL is used to connect to Indeed AM Airkey Cloud server.
- Export the root certificate to cer/crt format. pfx/p12 cannot be recognized as root certificate.
- Send the certificate to smartphone and install it.
- Example of prompt to install a certificate for IOS devices.
- Example of prompt to install a certificate on Android devices. To install, specify name for the certificate and select “VPN and applications” in the “Usage” section.
- Example of prompt to install a certificate for IOS devices.
- Add the certificate to trusted ones.
- For IOS devices, open the following: Settings → General → About → Certificates Trust Settings. Mark the installed certificate as trusted in the “Enable Full Trust for root certificates”.
- For IOS devices, open the following: Settings → General → About → Certificates Trust Settings. Mark the installed certificate as trusted in the “Enable Full Trust for root certificates”.
- For Android devices, open the following: Settings → Security and lock screen → Encryption and credentials
- Make sure that the certificate is successfully added to “User credentials” section.
- Make sure that the certificate is successfully added to “Trusted credentials” section.
- Make sure that the certificate is successfully added to “User credentials” section.
Installation of application
- Download the Indeed AirKey application and give it permission to send notifications.
- Specify the password to log in to application.
- Click “+” icon to add a key in the “Keys” window.
- Give the application a permission to use camera and scan the QR code.
- Confirm creation of certificate request.
- Confirm the request to install the certificate.
- The key should appear in the “Keys” window if added correctly.
- To remove a key from the application, simply swipe the key to the left.
- To remove a key from the application, simply swipe the key to the left.
- When trying to remove an AirKey authenticator for a user, the latter receives a push notification of registered key removal. The key is removed from the application after the operation is confirmed. Configuration:
- Open the Airkey server configuration file named Web.config (C:\inetpub\wwwroot\airkeycloud).
Add the following code to the file (certificate configuration is required if SSL is used to connect to Indeed Airkey Cloud server):
Example<trustedClientsSettings> <trustedClients> <add id="1" /> </trustedClients> </trustedClientsSettings>- Create a string parameter named ClientId in the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Indeed-ID\BSPs\AirKey section at the PC with AirKey provider installed. Specify the id from item 8.b as the value of the parameter.
- After the changes are applied, the user should receive push notifications of key removal.
