Setup Guide: Single Registration for Unified Passwordless Authentication

Single Registration simplifies user experiences by allowing users to register their mobile devices once and use them for passwordless authentication across both desktop workstations and protected web applications. This unified approach eliminates the need for separate registration ceremonies on each platform, reducing user friction while maintaining strong security.

Administrator and Deployment Guide

This guide addresses IT administrators and security professionals responsible for deploying Single Registration in passwordless authentication environments. For deployment guidance based on your organization's authentication footprint, see Deployment Strategies. The Logs and Audit Trail section covers monitoring and compliance requirements.

Overview

Single Registration enables seamless passwordless authentication across multiple platforms by allowing users to register their mobile devices once and access both desktop and web resources without additional registration steps.

How It Works

Single Registration comes in two complementary directions:

• Workstation to Web (WS→Web): User registers via HYPR Workforce Access Client on desktop; HYPR Server automatically creates both desktop and web profiles
• Web to Workstation (Web→WS): User registers via web application interface; HYPR Server automatically provisions both web and workstation profiles

These directions can be enabled independently or together, depending on your organization's authentication footprint and deployment strategy.

Key Benefits

• Unified Registration Experience: Users register once via their preferred platform (desktop or web) and gain access to both environments
• Simplified Profile Management: HYPR Server manages linked desktop and web profiles automatically
• Flexible Deployment: Enable Workstation to Web, Web to Workstation, or both based on your existing authentication infrastructure
• Backward Compatible: Users can still register explicitly to either platform if needed
• Audit and Compliance: Full audit trail of registration and deregistration events

Registration Configuration

Single Registration supports two registration directions. Choose the configuration that matches your organization's deployment strategy:

Workstation to Web Single Registration →

Users register via HYPR Workforce Access Client on desktop and automatically gain web access.

Web to Workstation Single Registration →

Users register via web application and automatically gain desktop access.

Testing the Workflow

To validate the Single Registration setup, follow these steps:

1. Create magic link: Use HYPR Control Center Console to generate a magic link

   • Enter the user's email address (must match the Active Directory email)
   • Click Create Magic Link

2. Navigate to Device Manager: The user opens the magic link, which redirects to Device Manager

3. Register mobile device: The user selects Register mobile device to initiate web registration

4. Wait for processing: Allow several minutes for the server to process the certificate request

5. Complete Workforce Access pairing: The user taps the Pending Computer notification and scans the QR code displayed on the Windows lock screen to complete workstation pairing

Logs and Audit Trail

HYPR Control Center provides comprehensive audit trail capabilities for monitoring and compliance.

Audit Trail Access

• HYPR Control Center Console: Administrators access the audit trail mechanism to view events
• Event tracking: The system tracks all registration, deregistration, and authentication events
• Filtering: Administrators search audit events by username, event type, timestamp, and status
• Retention: HYPR stores events in the Control Center database for a limited duration

Permanent Storage

• Security Information and Event Management (SIEM) integration: Integrate your existing SIEM infrastructure with HYPR Server for permanent archival
• Long-term retention: Enable permanent archival of audit events beyond the Control Center database retention period
• Compliance requirements: Audit trails support compliance and forensic investigation requirements
• Configuration details: Refer to the HYPR Public Documentation Guide for detailed information on audit trail configuration and SIEM integration

Next Steps

After reviewing this guide, refer to the following resources based on your deployment direction:

For Web to Workstation Single Registration:

• HYPR Enrollment Service Setup →

For End User Guidance:

• End User Guide: Setting Up Passwordless Login →