Skip to main content

How to Create and Configure DeviceLock Application in the Tenant Admin Portal

This document provides step-by-step instructions to create and configure Device Lock Application in Tenant Admin Portal.

Updated today

Introduction

Device Lock is a secure, passwordless authentication app for Android devices that allows users to access their devices using Facial Recognition, Badge ID, QR Code, NFC ID, or PIN. It enhances security, streamlines user experience, and supports multi-factor authentication in enterprise environments.

Prerequisite

User must have a Tenant Admin account.

Steps to create and configure DeviceLock Application

  1. Log in to the Oloid Tenant Admin Portal. For more details refer How to log in to Tenant Admin Portal.

  2. On the Applications page, click Create Application in the top right corner.

    The Create New Application pop-up box is displayed.

  3. Do the following:

    1. Enter Application Name.

    2. Select Application Type as Passwordless.

    3. Click Next.

      The Select Passwordless Use Case page is displayed.

    4. Select Device Lock.

    5. Click Create.

      The Application is successfully created and listed in the applications list.

  4. Configure the following:

    1. Configure Details tab

    2. Configure Authenticator tab

    3. Configure Theme tab

    4. Setup Configure tab

    5. Configure Health Setup tab

    6. Configure Connection tab

    7. Configure Integration tab

Note: These are one-time settings, and all the default settings are recommended.

Configure Details tab

Go to Details tab and do the following:

  1. Update Application Name (if required).

  2. Add Description. (Optional)

  3. Select Factor Sequence from the drop-down list.

    To create and configure Factor Sequence refer to How to create and configure Factor Sequence.

  4. Set Time Zone from the drop-down list. (Optional)

  5. Click Save.

    The Details tab is successfully configured.

Configure Authenticator tab

Go to Authenticator tab and do the following:

Face

  1. Turn on Face toggle, to use face as credential.

  2. Select the preferred mode for facial recognition from FR Mode dropdown list.

    The Advanced Settings page is displayed.

  3. Configure the Face Match Parameters and Liveness Check Parameters on the Advanced Settings page.

    Note: The parameters are pre-configured. This is done by Oloid admin.

  4. Turn on Strict Error Handing toggle to ignore the face match error and perform one-to-one face match.

    Note: If a Face Match error occurs, it will be ignored, and a one-to-one facial comparison will still be performed.

  5. Turn on Additional face Match toggle to perform a one-to-one face match in addition to the regular Face Match.

  6. Adjust the slider or enter a value directly into the input box to set the Face Match Threshold value. (for Oloid internal use)

    Note: It defines the required level of similarity between two facial images within the same connection. A higher threshold ensures stricter matching accuracy.

  7. Adjust the slider or enter a value directly into the input box to set the Min. Liveness Probability. (for Oloid internal use)

    Note: This is the factor to decide if the image is live or spoofed. The threshold for the image to be considered live is 0.5.

  8. Adjust the slider or enter a value directly into the input box to set the Min. Liveness Quality. (for Oloid internal use)

    Note: It defines how "appropriate" the image is for the liveness check. The threshold for good image 0.1.

  9. Click Save.

    The Face credential is successfully configured.

Badge ID

  1. Turn on Badge ID toggle, to use Badge ID as credential.

  2. Select a Badge Type from the dropdown list.

    Note: To enable multi-factor authentication, first activate Badge ID, then enable PIN as an additional authentication factor.

  3. Click Save.

    The Badge ID credential is successfully configured.

QR Code

  1. Turn on QR Code toggle, to use QR Code as credential.

    Note: Enable QR Code and then enable PIN for multi-factor authentication.

  2. Turn on Show Camera Flip Button toggle.

    Note: Enabling this toggle will show a camera flip button on the QR code screen, allowing users to switch between the front and rear cameras.

  3. Select the Default camera selection from dropdown list.

  4. Click Save.

The QR Code credential is successfully configured.

PIN

Turn on PIN toggle, to use PIN as credential.

The PIN credential is successfully enabled.

NFC/ID

Turn on NFC/ID toggle, to use NFC/ID as credential.

Note: Enable NFC/ID, and then enable PIN for multi-factor authentication.

The NFC/ID credential is successfully enabled.

Note: You can enable one or more credential options based on your requirements.

Configure Theme tab

The Theme tab allows you to customize the appearance of the Device Lock application by following the onscreen instructions. For more details, see How to configure theme in Device Lock App

Setup Configure tab

Go to Configure tab and do the following:

Configure Settings

Customize Messages

Configure Passwordless

Customize Buttons

Configure Settings tab

  1. Turn on Enable Offline Mode toggle to allow endpoint transactions to be processed even when there is no network connectivity.

  2. Turn on Use Group Authorization toggle to restrict endpoint access to users within the same group associated with the endpoint connected to the application. This ensures that only users in the specified group can authenticate, both online and offline.

  3. Turn on Enable Auto Authentication of Webkey using Local Transaction toggle to allow user to auto-authenticate the user into Webkey after device login.

  4. Turn on Enable Screen Timeout toggle to turn off the screen after inactivity.

  5. Set Server Response Ping Timeout to define how long the Endpoint should wait for a reply from the server before switching to Offline Mode if no response is received.

  6. Set Authentication Timeout to define how long the system will wait for the user to begin the authentication process before redirecting them back to the first screen.

    Note: The default authentication timeout is 10 seconds.

  7. Set the Master Admin Override Passcode to exit the Device Lock app when the device is in Kiosk mode and/or no internet connection is available.

  8. Select Endpoint Template from dropdown list to apply during the endpoint pairing process.

  9. Turn on Show Clock on Intent/Auth Screens toggle to display clock on all the Intent, Authentication selection and Identity screens.

  10. Click Save.


    ​The Setting menu is successfully configured.

Customize Messages

  1. Turn on Enable Action Status Messages toggle to display the action status of the user's face authentication. You can customize the messages your user sees on the Device Lock app.

  2. Select Show default messages from the integration to display the integration's predefined messages. (Optional)

  3. Select Auto-dismiss the error prompt after and set the preferred time (in seconds)

    Note: The default auto-dismiss time is 5 seconds.

  4. Enter the Action Initialization Message in the text field.

  5. Enter Action Success Message in the text field.

  6. Enter Action Failure Message in the text field.

  7. Edit Authentication Failure Error Message field (Optional).

  8. Click Save.

    The Customize Message menu is successfully configured.

Configure Passwordless

  1. Turn on Enable Passwordless Config toggle to switch the endpoint's functionality to Device Lock Mode or Passwordless Login.

    Note: Once enabled, the endpoint will no longer support features like time clocking or reviewing punch data.

  2. Do one of the following:

    1. Device Lock Mode: Enabling this toggle switches the endpoint to Device Lock mode. The device screen unlocks after successful authentication.

    2. Passwordless Login: Select this option to enable the endpoint for Passwordless login and redirect the user to the configured URL after successful authentication.

      1. Do one of the following:

        1. Passwordless SSO URL:

          1. Turn on Passwordless SSO URL toggle.

          2. Enter all the URLs in the Logout URL field that should be logged out automatically before a new user logs in.

        2. Workday Punch Integration:

          1. Turn on Workday Punch Integration toggle.

          2. Enter the URL to which the Login is enabled for the linked Endpoint.

        3. Set the desired Timeout duration (in minutes and seconds) after which the screen automatically times out.

        4. Click Save.

          The Configure Passwordless menu is successfully configured.

Customize Buttons tab

  1. Edit the Button Label in the text field.

    Note: The default is 'Verify with <Credential Name>'.

  2. Select Enable Face Enrollment option to add it on the login page of the Device Lock app.

  3. Edit the Button Label. (Optional)

  4. Do any one of the following:

    1. Select URL for Web-HR picture verification.

      OR

    2. Select URL for User Portal.

      OR

    3. Select Custom Redirect URL > enter URL in the text field.

  5. Select Enable Custom Button option to add a button with customized button label and add redirect URL on the login page of Device Lock application.

    1. Enter Button Label. (Optional)

    2. Enter Enroll URL. (Optional)

  6. Click Save.

Application configuration is updated successfully.

Configure Health Setup tab

Go to Health Setup tab and do the following:

  1. Enter Server Name in the text field.

  2. Enter URL in Add URL that needs to be monitored in the text field.

  3. Click Add.

Configure Connections tab

Connection is a collection of multiple users. Go to Connection tab and do the following:

  1. Click + Add Connections to add a connection to the application.

    The Add Connections pop-up box is displayed.

  2. Select connection(s) from the Select Connection dropdown list

  3. Click Add.

    Note: An application can have a maximum of 5 connections.

    The Connection is successfully added to the application.

Configure Integrations tab

Go to integration tab and turn on Enable Integrations to perform cloud based actions toggle.

Note: Click Save after each action to save your configuration.

The Integration tab is successfully configured.

The Device Lock application is configured and listed on the Application page.

Keywords

| Configure Device Lock App | Create DeviceLock Application |

Related Articles
How to create and configure Oloid Connect Application in Tenant Admin Portal
How to Create and Configure Chrome Vault Application in the Tenant Admin Portal
How to create and configure DeviceLock Endpoint Template in Tenant Admin Portal
How to enable and configure PIN credential for Windows Login application in the Tenant Admin Portal
How to Configure Authenticator tab for Chrome Vault Application in the Tenant Admin Portal
Did this answer your question?