Login page
This is the login page. There are several ways to log in to the MAYI ID system, as described below. The login methods can be divided into groups:
| OTP tokens |
Tokens are authentication methods using mostly one-time codes (OTP) to confirm the user's identity. This method can be used if the user has enrolled one of the tokens during the enrollment process, e.g. Virtual token, SMS, Email, Google authenticator or MS authenticator. This method, depending on the configuration, can allow password-less access - you can insert OTP directly into the Password field. |
| QR code in MAYI ID authenticator |
MAYI ID QR is a method using a token enrolled in MAYI ID Authenticator. The application can retrieve the displayed QR and confirm the user's identity via the stored token. |
| Certificate | Certificates can be used as verification of the user's identity if the user has a certificate issued by Reist that contains the stored identity of the user confirmed by Reist. |
| Passkey | Passkey is an open standard for authentication that allows two-factor authentication using specialized devices (e.g. USB tokens, NFC/Bluetooth devices) that can be used as a second factor without an additional password. The option is applicable for users who have a Passkey token enrolled in MAYI ID. |
| Emergency access | Emergency access is similar to tokens, therefore the same functionality is used. This is a situation where the user has requested an emergency access code for various reasons, where this code can be used instead of a code generated by an application such as Google or MS authenticator. |
Login methods may vary depending on the configuration of each tenant
Login viaUse MAYI ID Authenticator
A prerequisite for logging in with a MAYI ID token is a MAYI ID token enrolled in Selfservice (or within the Enrollment process) - see details here.
Login process
| 1 |
On the signing page choose Use MAYI ID Authenticator option (button). |
|
| 2 | The application displays a QR code |
|
| 3 |
Scan the QR code with the MAYI ID Authenticator. If everything is correct, then the user will be logged into the MAYI ID immediately. For the login on the mobile device where the MAYI ID Authenticator application is installed use the Open MAYI ID authenticator on this device button - it will open the deep link to the MAYI ID Authenticator app and the push notification will be created. Confirm the notification in the app and access to MAYI ID will be granted. |
Receive OTP code
Login via receiving OTP (Email, SMS)
| 1 |
On the signing page choose Receive OTP code option (button). |
|
| 2 |
Fill Username and Password and press the Login button. |
|
| 3 |
Insert the OTP code received into the mobile phone or email address (depending on the type of enrolled token) or authenticator app and press the Login button. If everything is correct the user will be logged into the MAYI ID immediately. |
|
| 3a |
In case the user has also the MAYI ID Authenticator app registered on the mobile phone and the MAYI ID token is enrolled then the push notification is sent to the application (in the mobile phone) - if the user confirms the notification on the mobile phone and everything is correct, then the user will be logged into the system immediately. |
 |
| 3b |
In case that push notification is not resolved in MAYI ID Authenticator by the user then after some time the SMS with OTP is sent to the user's mobile phone. Insert the OTP from SMS to the Password/Code cell and press the Login button. If everything is correct, then the user will be logged into the MAYI ID immediately. |
 |
Login process via username and OTP from the authenticator app
| 1 | On the signing page choose Receive OTP code option (button). |
|
| 2 |
Fill Username and OTP code from your authenticator app and press the Login button. This possibility must be configured by the administrator. |
|
Login via Connect Passkey
A prerequisite for logging in with Passkey is a Passkey token enrolled in Selfservice (or within the Enrollment process) - see details here.
Login process
| 1 | On the signing page choose the Connect Passkey option (button). |
|
| 2 |
Insert the Passkey token into the USB port and select the External security key option.
OR
Select a different device and scan the code with your device (iPhone, iPad, or Android Device). |
 |
| 3 |
The browser will ask the user to touch the Passkey token. In the case of devices with fingerprint readers then touch the device with the correct finger. In the case of a PIN-protected device, the system requests the PIN code. If everything is correct, then the user will be logged into the MAYI ID immediately.
OR
With the device, confirm your identity. |
 |
Login via the Emergency access code
A prerequisite for logging in with an Emergency access code is the generation of this code. There are two ways to obtain the code:
- In the Emergency access application after verifying the user's identity - see details here.
- By contacting an operator who can generate the code in the operations console
The emergency code can be used to log in as a replacement for a standard OTP or as part of the approval process. Its validity is defined based on a template, BUT this code is deactivated when any of the following operations are performed:
- when the OTP address in the token changes (virtual, SMS, email)
- the new token is enrolled
- the token is activated
Login process
| 1 | On the signing page choose Receive OTP code option (button). |  |
| 2 |
Fill Username and Emergency access code generated in the Emergency access application and press the Login button. If everything is correct, then the user will be logged into the MAYI ID immediately. Emergency access codes can have a limited number of uses, so you need to perform the necessary operations after the first login - based on the reason for using the emergency access code - such as removing broken tokens and enrolling new ones, etc. |
 |