Delinea Authenticator App

You can use the Delinea Authenticator to securely log in to the Delinea Platform.

The Authenticator app is different from the Delinea Mobile authentication feature.

Delinea Authenticator offers simple and secure multi-factor authentication (MFA) methods for your Delinea Platform tenant. You can approve MFA push notifications using device biometrics or copy the generated time-based one-time passwords (TOTP) specific to your account and tenant.

You can download the Authenticator app from the following sources: 

Registering the Authenticator App

The Delinea Authenticator allows you to register to one or more Delinea Platform tenants.

To register the Authenticator app with your Delinea Platform tenant: 

  1. Go to your Delinea Platform user profile and find the Applications tab, or access the app through the Delinea Marketplace.

  2. Download the Authenticator app, if you haven't already. Follow the onboarding steps provided within the app to proceed.

  3. Once you open the app, it prompts you to scan the registration QR code.

  4. After you scan the QR code, you see your tenant represented within the app. You can change the name of the tenant if desired.

    To register additional tenants, tap the QR code button on the home screen of the app and access the QR code in the Delinea Platform tenant.

Log in to the Delinea Platform

You can log in to the Delinea Platform using the TOTP code found in the Delinea Authenticator. Please refer to Alternate TOTP Authentication for more information.

As a result of necessary backend migration work for the Authenticator app, you may see multiple records for the Delinea Mobile app on the Applications tab in your User Profile. If affected, you can 'unregister' the older record so that only the updated record shows. This should not impact your functionality.

Setting up Biometric Unlock

The Delinea Authenticator requires biometric authentication. After you register the app, it prompts you to use facial ID; select Yes. Once enabled, the app performs a biometric check and allows you to proceed through application setup.

The app prompts you for biometric authentication at launch and during any additional authentication requests.

Push Notifications

During the onboarding process, the app prompts you to enable notifications to your device. Enable notifications to receive push alerts during an MFA event.

Once enabled, you receive push notifications along with in-app alerts containing the necessary information to approve the request.

Copying TOTP Codes

The Delinea Authenticator allows you to copy and paste TOTP codes specific to your platform tenant.

To copy TOTP codes from the Delinea Authenticator: 

  1. Launch the Authenticator app on your device.

  2. Find the TOTP card for your desired tenant within the Delinea Platform.

  3. Tap the TOTP card to copy the code.

  4. A confirmation message appears on the bottom of your screen indicating that the code has been copied to your clipboard.

Configure Apps in Delinea Platform

As an administrator, you can configure the length of the generated TOTP codes in the Delinea Authenticator app. See Secret Server's TOTP for more information.

Also, as an administrator, you can require users to complete the Delinea Authenticator setup at login. This requirement will prompt users to register Delinea Authenticator for future log ins or set-up MFA requests. See Identity MFA Profiles for more information.

Unregistering the Delinea Authenticator App

You can unregister the Authenticator app from your tenant at anytime.

To unregister the Authenticator app from your tenant:

  1. Open the application settings.

  2. Select your tenant to unregister.

  3. Tap Unregister.

    To register your tenant again, follow Registering the Authenticator App.

To unregister the Authenticator App in Delinea Platform:

  1. Open the Applications tab in Platform.

  2. Locate the application record and tap the kabob menu on the card.

  3. Then tap Unregister.

Authenticator Functionality from the Delinea Mobile Application Removed

If you are an existing Delinea Mobile application user, and you have set up the Delinea Authenticator for your account, you will no longer have authenticator functionality in Delinea Mobile. Users who have not set up the Delinea Authenticator can still use the Delinea Mobile authentication feature.

Once you configure the Delinea Authenticator, the system automatically sends all future MFA requests to it, eliminating the need for any additional action on your part.