Unlocking with a Recovery PIN
Using the HYPR Workforce Access Client
HYPRβs Recovery PIN functionality gives users temporary access to their workstation if they donβt have their mobile device or if they need to replace it with a new one for any reason. Recovery PINs are auto-generated by the HYPR Mobile app and stored on the server for retrieval by an Administrator when needed.
Recovery Mode
To make Recovery PINs available to end users, an Administrator must first enable Recovery Mode on the Control Center Workstation Settings screen. The feature is disabled by default.
Generating Recovery PINs
The initial Recovery PINs are generated automatically when the user first pairs the HYPR Mobile App or security key with the workstation.
The PINs are subsequently regenerated each time the user authenticates the machine with HYPR.
Machine-specific PINs
Because PINs are tied to a specific username/machine name combination, theyβre only valid for one workstation. Users will need a different PIN for other workstations even if they share the same domain.
Requesting a Recovery PIN
In order to request a Recovery PIN, the user must contact the Administrator and provide the Machine Name and Username for the workstation that needs to be unlocked. This information can be displayed by clicking the Don't have your phone? link on the workstation login screen.
Retrieving the Recovery PIN
After receiving the username and machine name from the user, the administrator can retrieve the Recovery PIN from the User Management page in the Control Center.
Get the Username or Machine Name with an API Call
If the user isnβt able to provide both the username and machine name for some reason, the Administrator can retrieve one or the other via the HYPR API.
To retrieve the username for a given machine (server) name, use this endpoint:
{{url}}/rp/api/oob/client/devices/{{rpAppId}}/{{machineName}}
To retrieve the machine (server) name for a given username, use this endpoint:
{{url}}/cc/api/versioned/rpUser/{{username}
For more information, please see the HYPR Passwordless APIs documentation.
Using the Recovery PIN to Log in
After receiving the PIN from the Administrator, the user enters it on the login screen to unlock the workstation.
Note that the PIN validity period starts counting down as soon as the user logs in for the first time. (See Recovery PIN Lifespan on the Control Center Workstation Settings screen.)
Updated 9 months ago