Skip to main content

Login page

login.png

This is the login page. There are several ways to log in to the ANT ID system described below. The login methods can be divided into groups:

OTP tokens

Tokens are authentication methods using mostly one-time codes (OTP) to confirm the user's identity. This method can be used if the user has enrolled one of the tokens during the enrollment process, e.g. Virtual token, SMS, Email, Google authenticator or MS authenticator.

This method, depending on the configuration, can allow password-less access - you can insert OTP directly into the Password field.
ANT ID - QR

ANT ID QR is a method using a token enrolled in ANT ID Authenticator. The application can retrieve the displayed QR and confirm the user's identity via the stored token.
Certificate Certificates can be used as verification of the user's identity if the user has a certificate issued by Reist that contains the stored identity of the user confirmed by Reist.
FIDO2 FIDO2 is an open standard for authentication that allows two-factor authentication using specialized devices (e.g. USB tokens, NFC/Bluetooth devices) that can be used as a second factor without an additional password. The option is applicable for users who have a FIDO2 token enrolled in ANT ID.
Emergency access Emergency access is similar to tokens, therefore the same functionality is used. This is a situation where the user has requested an emergency access code for various reasons, where this code can be used instead of a code generated by an application such as Google or MS authenticator.

Login methods may vary depending on the configuration of each tenant

Login via ANT ID - QR

A prerequisite for logging in with an ANT ID token is an ANT ID token enrolled in Selfservice (or within the Enrollment process) -  see details here.  

Login process

1

On the signing page choose choose ANT ID - QR option (button).

 ANT ID - QR button.png
2 The application displays a QR code obrázek_2024-04-15_103628585.png
3

Scan the QR code with the ANT ID Authenticator. If everything is correct, then the user will be logged into the ANT ID immediately.


For the login on the mobile device where the ANT ID Authenticator application is installed use the Login button - it will open the deep link to the ANT ID Authenticator app and the push notification will be created. Confirm the notification in the app and access to ANT ID will be granted.

Login via OTP

1

On the signing page choose ANT ID - OTP option (button).

 ANT ID - OTP button.png
2

Fill Fill Username and  and Password and press the the Login button.

 ANT ID - OTP login.png
3

Insert the OTP code received into the mobile phone or email address (depending on the type of enrolled token) or authenticator app and press the Login button. If everything is correct the user will be logged into the ANT ID immediately.
3a

In case the user has also the ANT ID Authenticator app registered on the mobile phone and the ANT ID token is enrolled then the push notification is sent to the application (in the mobile phone) - if the user confirms the notification on the mobile phone and everything is correct, then the user will be logged into the Vx immediately.

 OTP 3a.png
3b

In case that push notification is not resolved in ANT ID Authenticator by the user then after some time the SMS with OTP is sent to the user's mobile phone. Insert the OTP from SMS to the the Password/Code cell and press the the Login button. If everything is correct, then the user will be logged into the ANT ID immediately.

 OTP 3b.png

Login process via username and OTP from the authenticator app

1 On the signing page choose ANT ID - OTP  option (button). ANT ID - OTP button.png
2

Fill Fill Username and  and OTP code from your authenticator app and press the the Login button.

This possibility must be configured by the administrator.

 ANT ID - OTP login.png

Login via FIDO2 device

A prerequisite for logging in with FIDO2 is a FIDO2 token enrolled in Selfservice (or within the Enrollment process) -  see details here.  

Login process
1 On the signing page choose the FIDO login  option (button). FIDO 2 - button.png
2

Insert the FIDO2 token into the USB port and select the the External security key option.

 Fido 2 - 2.png
3 The browser will ask the user to touch the FIDO2 token. In the case of devices with fingerprint readers then touch the device with the correct finger. In the case of a PIN-protected device, the system requests the PIN code. If everything is correct, then the user will be logged into the ANT ID immediately. Fido 2 - 3.png

Login via the Emergency access code

A prerequisite for logging in with an Emergency access code is the generation of this code. There are two ways to obtain the code:

  1. In the Emergency access application after verifying the user's identity -  see details here.  
  2. By contacting an operator who can generate the code in the operations console

The emergency code can be used to log in as a replacement for a standard OTP or as part of the approval process. Its validity is defined based on a template, BUT this code is deactivated when any of the following operations are performed:

  • when the OTP address in the token changes (virtual, SMS, email)
  • the new token is enrolled
  • the token is activated
Login process
1 On the signing page choose ANT ID - OTP  option (button). ANT ID - OTP button.png
2

Fill Fill Username and  and Emergency access code generated in the Emergency access application and press the Login button. If everything is correct, then the user will be logged into the ANT ID immediately.

Emergency access codes can have a limited number of uses, so you need to perform the necessary operations after the first login - based on the reason for using the emergency access code - such as removing broken tokens and enrolling new ones, etc.

 ANT ID - OTP login.png
Back to top