Pages

Friday, March 3, 2017

Salesforce: Lightning Login with Fingerprint

In my earlier blog Introducing Lightning Login, we discussed about how to setup Lightning Login, but many of you ask why I do not see fingerprint option, if my device support it.

To use Lightning Login, your admin must first enable Lightning Login for your org., then assign you with Lightning Login User permission. Lightning Login requires Android version 5.0 (Lollipop) or later or iOS 8 or later. If you’re using an iPhone, enable fingerprint or PIN identification. To use your fingerprint on an Android phone, first set up a PIN, pattern, or password.


As you see from above flow:
1. Click—Look for the lightning bolt next to your Lightning Login–enabled username, and click your username.
2. Tap—On your mobile device, tap the notification from the Salesforce Authenticator app.
3. Touch—Verify your identity with your fingerprint or PIN. Presto! You’re logged in.

In step 3 Touch, you can use fingerprint or PIN, but we haven't see this in the earlier blog.
This is simply because as admin, you need to grant Two-Factor Authentication for User Interface Logins permission to the user, either by Profile or Permission Set.

Once this permission is added, if user have enable Lightning Login, after user tap Approve in the device, user will be asked for fingerprint.



In other scenario, if Two-Factor Authentication for User Interface Logins permission has been given and activate by user prior Lightning Login, when user Enroll for Lightning Login, user will be asked for fingerprint when they enroll.




Reference: