Use Touch ID Authentication with Allow Messages

Example Endpoint Privilege Management for Mac message with Touch ID activated.

When an end user activates Touch ID, their fingerprint can be used for authentication rather than a password. In an Endpoint Privilege Management for Mac implementation, Touch ID authentication can be used in place of password authentication on an Endpoint Privilege Management message dialog box, as shown here.

The PrivilegeManagement text in the dialog boxes is the name of BeyondTrust software and cannot be changed.

 

When creating a message, keep the following in mind:

  • An Allow message template must be used.
  • Authentication Method must be set to Password Only or Any.
  • The message cannot be combined with any other message types.

When Touch ID is not activated or available on the user's machine, then the user is presented with a message to enter their password.

Starting in Endpoint Privilege Management 23.1, you can configure Touch ID in the Policy Editor messages as an authentication method.

For more information, see Messages.