Enterprise Connect

Windows Workstation Authentication

Windows Workstation Authentication provides your organization with the capability to secure Windows workstations or servers with rich multi-factor authentication (MFA) either via SMS/email/voice call or push/one-time passcode (OTP) notifications through the ForgeRock Authenticator application.

Benefits of Windows Workstation Authentication:

  • Provides the fastest and safest way to close the desktop security gap. The first desktop MFA solution to integrate fully with the ForgeRock directory and ForgeRock Authenticator application.

  • Offers unprecedented endpoint security using the familiar ForgeRock Authenticator. The solution offers end users the best MFA experience while relieving IT teams from the expensive and cumbersome deployment of OTP tokens and security keys to protect workstations.

  • A plug-and-play solution that is easy to install on employee endpoints. No dedicated server is required, enabling fast deployment for the entire workforce. Your organization can now dramatically boost their domain security, improve user experience, and take the first step toward becoming fully passwordless in the future.

To support MFA (push or TOTP/OATH) in Windows Workstation Authentication, end users must download the ForgeRock Authenticator application to their smartphone via the Apple store or Google Play store.
Windows Workstation Authentication installation/configuration checklist
  • Download and install the binaries from Backstage (you must be logged in). This includes the base MSI file as well as the MSI Updater client.

  • Pre-configure the relevant journey(s).

  • Install the MSI Updater client on an administrative Windows machine.

  • Configure the MSI Updater client specific to your organization’s needs.

  • (Optional) Consider additional configurations.

  • Deploy the generated MSI file through your desired mechanism.

  • Verify and test your deployment.

Copyright © 2010-2022 ForgeRock, all rights reserved.