3.16.3

Admin Guide

Hideez Authentication Service – Admin Guide

First steps with Hideez Authentication Service

System Requirements

  • Server:

    • Can be installed on a bare metal or virtual server

    • Linux

      • CentOS Linux 7

      • Ubuntu Server LTS 18.04

      • Ubuntu Server LTS 20.04

    • Windows Server 2012 and up

    • 4 GB RAM

  • Only for passwordless PC authentication (for AD on premises accounts):

    • Workstation with Windows 10 or 11 and must have a TPM 2.0 module.

    • The workstation must be connected to an Active Directory domain.

    • The Active Directory domain must have a Certification Server (Certification Authority)

    • A special template has been set up in the certification authority. (See Configuring an Active Directory Certification Authority).

  • The HES server must be available for both the Hideez Client and the mobile application, i.e. the computer and the phone must be in the same network, or the HES must have a public Internet address.

Our engineers can set up a test server in the cloud for you so that you can try out its features. The production server you have to install yourself inside your local network. To do this, follow these steps:

Step 1: Obtaining the API Key

The API Key is required so that your HES server can communicate with the Hideez License Server (HLS) and obtain the licenses necessary for the Hideez Keys to work. To do this, you can request a pilot. The resulting API Key must be registered in the server settings in Step 4.

Step 2: Deploying Hideez Enterprise Server

Step 3: Obtaining administrator rights on the server

Log on to the server using the default login admin@server and the password admin. Invite a new administrator and then delete the default administrator's account.

Step 4: Configuring the server

Go to Settings -> Parameters. Fill in all required parameters and save them.

Step 5: Obtaining employees licenses

You need to obtain licenses for employees so they will be able to use Hideez Authenticator with their accounts. Follow the instructions in the section How to get employee licenses. You will need to wait until your order will be processed (goes to the Completed status) and then proceed to the next step - setting up Hideez Clients.

Step 6: Installing the Hideez Client application on the user's computer

The Hideez Client application should be installed on all workstations where users will log in using Hideez Keys.

You can find the latest version of Hideez Client here. You can find installation instructions here.

Note! The Client settings must contain the path to the server that you just installed. To automate this step, follow this guide.

Note! You can install the Hideez Client version to work with internal Bluetooth or with an external Hideez Dongle. If you will not use Hideez Keys, it does not matter which option to choose.

You need to specify the full server address, for example, https://publicdemo.hideez.com/ or http://192.168.10.203/, or use any port you required, for instance, http://192.168.10.203:9090/.

Step 7: Approve workstations

For using the Hideez Authenticator on the employee's workstation, it should be approved by the administrator.

Step 8: Add Employees to your server

You can add employees manually or import them from AD. Don't forget to enable SSO for them.

Step 9: Choosing use scenario

You can use Hideez Authenticator as only SSO method or you may try full functionality (which includes PC passwordless or password-based login).

There are 2 possible use scenarios:

  • Windows login (passwordless or password-based PC login)

  • SSO use only (To setup your system environment for password-based login you only have to configure SSO on HES)