HYPR Identity Provider

Overview

HYPR is a passwordless authentication platform that provides mobile biometric and other passwordless authentication solutions. The pre-requisite to using HYPR with FusionAuth will be to purchase or otherwise obtain access to the HYPR service and obtain a HYPR Application Id and a HYPR Relying Party URL. Once you have these two pieces of information you may complete the configuration. Visit https://www.hypr.com/fusionauth-passwordless-mfa/ to find out more.

Adding a HYPR login provider to FusionAuth is simple. This guide will walk you through the steps necessary to enable the HYPR login provider.

• Create a HYPR Identity Provider

Once you have completed this configuration you will be able to enable HYPR login for one or more FusionAuth Applications. There will not be a new login button rendered on the login form as there is for Facebook, Google or OpenID Connect, instead the user will only be prompted for an email address. If the user has one or more devices configured with HYPR the login will be completely handled by FusionAuth. If the user does not yet have devices registered with HYPR the password field will then be presented to the user to complete login with FusionAuth.

Create a HYPR Identity Provider

To create an Identity Provider navigate to Settings → Identity Providers and click Add provider and select HYPR from the dialog.

This will take you to the Add HYPR panel, and you’ll fill out the required fields. If you do not yet know the Application Id and Relying party URL you will need to obtain these values from HYPR.

To enable this identity provider for an application, find your application name in the Applications configuration section at the bottom of this panel. You will always see the FusionAuth application, this application represents the FusionAuth user interface. If you wish to be able to log into FusionAuth with this provider you may enable this application.

In the following screenshot you will see that we have enabled this login provider for the Pied Piper application and enabled Create registration. Enabling create registration means that a user does not need to be manually registered for the application prior to using this login provider.

For example, when a new user attempts to log into Pied Piper using HYPR, if their user does not exist in FusionAuth it will be created dynamically, and if the Create registration toggle has been enabled, the user will also be registered for Pied Piper and assigned any default roles assigned by the application.

If you do not wish to automatically provision a user for this Application when logging in with PiedPiper, leave Create registration off and you will need to manually register a user for this application before they may complete login with this provider.

That’s it, HYPR is now enabled for passwordless login.