How do I set up "no-password" sign in for IdentityNow?

Version 25

    "No-password" sign in refers to the fact that, when an administrator has configured the system a certain way, you don't have to type in a password to get to your IdentityNow Launchpad. This is also known as Integrated Windows Authentication (IWA) or Kerberos.

     

    NOTES:

    • Following these instructions does not guarantee that you will have "no-password" sign in. Your administrator has to enable it for your company first. If you are not sure if this option is available to you, contact your IT department for assistance.
    • Even when you have this configured correctly, some apps you use might force you to sign in to IdentityNow to use high-risk pages or features. For more information, see Why am I being asked to sign back in to IdentityNow?

     

    The information that follows describes the trust settings you need to define for the following browsers:

     

    NOTE: Your administrator has the ability to configure the settings for these browsers remotely for your entire organization using group policies. If they have done this, you will not need to make any changes to the browser installed on your computer.

     

    The following browser does not require any special trust settings:

    • Safari on Mac

     

    NOTE: Chrome on Mac does not support "no-password" sign in.

     

     

    Firefox on Windows and Mac

     

    To set up your Firefox browser so you don't have to enter a password to sign in, you must complete these instructions for the Firefox browser.

     

    1. Open a new tab.

     

    2. In the Address field, type:
    about:config

     

    3. Press ENTER.

     

    NOTE: If you see a warning that this might void your warranty, click I'll be careful. I promise. These changes will not affect your warranty.

    ff about config.png
    4. In the page that displays, in the Search field type:
    network.negotiate-auth.trusted-uris
    ff about config results.png
    5. Right-click on the setting and click Modify.ff modify setting.png

    6. In the field that displays, add the following:

     

    • The full URL for your IdentityNow sites
    • The full SSO URL for your IdentityNow site.

     

    Your administrator will need to provide you with these URLs.

     

     

    7. Click OK.

     

    8. Close the about:config tab.

    ff value.png

     

     

    Internet Explorer on Windows

     

    The settings on Internet Explorer are determined by your administrator:

     

    • In most cases, they're configured automatically and you don't have to do anything.
    • If you have administrator privileges on your workstation, contact your administrator for instructions.

    NOTE to IdentityNow Administrators: Please provide these users with the instructions in Internet Explorer and Firefox Settings for IWA Configuration

     

    Chrome on Windows

     

    Chrome honors the trust settings configured in Internet Explorer. Therefore, to use "no-password" sign in on Chrome, follow the instructions here to set up Internet Explorer.