Testing Push Authentication

AM presents you with a page for entering only your user ID, or user ID and password. After you provide those credentials, AM verifies them. If your credentials are valid and the account has a device registered for push notifications, AM sends a push notification to the registered device.

Note

The device needs access to the Internet to receive push notifications, and the AM server must be able to receive responses from the device.

Receiving Push Notifications

On your registered device, you will receive a push notification from AM. Depending on the state of the phone and the ForgeRock Authenticator app, respond to the notification as follows:

  • If the phone is locked, the notification may appear similar to the following:

    Push notification when locked

    Slide the notification across the screen, then unlock the phone. The ForgeRock Authenticator app will automatically open and display the push notification authentication screen.

  • If the phone is not locked, and the ForgeRock Authenticator app is not open, the notification may appear similar to the following:

    Push notification when unlocked and app closed

    Tap the notification. The ForgeRock Authenticator app will automatically open and display the push notification authentication screen.

  • If the phone is not locked, and the ForgeRock Authenticator app is open, the app will open the push notification authentication screen automatically.


Approving Requests

On the push notification authentication screen, approve the request using one of the following methods:

  • Slide the switch with a checkmark on horizontally to the right.

    The Push Notification Authentication Screen

  • If the registered device supports Touch ID, and fingerprints have been provided, you can approve the request by using a registered fingerprint.

    The Touch ID screen

Tip

If the registered device supports face recognition and you have set up facial recognition, you can approve the request by glancing at your device.

AM will display the user's profile page.


Denying Requests

Deny the request by tapping the cancel icon in the top-right of the screen or, if Touch ID or face recognition are enabled, tap the Cancel button.

After a timeout has passed, AM will report that authentication has failed.

Note

If you do not approve or deny the request on the registered device, the AM Push Authentication page will timeout and the authentication will fail. The timeout can be configured in the ForgeRock Authenticator (Push) authentication module settings or in the Push Sender node.


Read a different version of :