HYPR Identity Provider
Available since 1.12.0
HYPR is a passwordless authentication platform that provides mobile biometric and other passwordless authentication solutions. The pre-requisite to using HYPR with FusionAuth will be to purchase or otherwise obtain access to the HYPR service and obtain a HYPR Application Id and a HYPR Relying Party URL. Once you have these two pieces of information you may complete the configuration. Visit https://www.hypr.com/fusionauth-passwordless-mfa/ to find out more.
Adding a HYPR login provider to FusionAuth is simple. This guide will walk you through the steps necessary to enable the HYPR login provider.
Once you have completed this configuration you will be able to enable HYPR login for one or more FusionAuth Applications. There will not be a new login button rendered on the login form as there is for Facebook, Google or OpenID Connect, instead the user will only be prompted for an email address. If the user has one or more devices configured with HYPR the login will be completely handled by FusionAuth. If the user does not yet have devices registered with HYPR the password field will then be presented to the user to complete login with FusionAuth.
Create a HYPR Identity Provider
To create an Identity Provider navigate to
Add provider and select
HYPR from the dialog.
This will take you to the
Add HYPR panel, and you’ll fill out the required fields. If you do not yet know the Application Id and Relying party URL you will need to obtain these values from HYPR.
To enable this identity provider for an application, find your application name in the
Applications configuration section at the bottom of this panel. You will always see the
FusionAuth application, this application represents the FusionAuth user interface. If you wish to be able to log into FusionAuth with this provider you may enable this application.
In the following screenshot you will see that we have enabled this login provider for the
Pied Piper application and enabled
Create registration. Enabling create registration means that a user does not need to be manually registered for the application prior to using this login provider.
For example, when a new user attempts to log into
Pied Piper using HYPR, if their user does not exist in FusionAuth it will be created dynamically, and if the
Create registration toggle has been enabled, the user will also be registered for
Pied Piper and assigned any default roles assigned by the application.
If you do not wish to automatically provision a user for this Application when logging in with PiedPiper, leave
Create registration off and you will need to manually register a user for this application before they may complete login with this provider.
That’s it, HYPR is now enabled for passwordless login.
- Application Id Required
The unique application Id issued to you by HYPR to provided access to their API.
- Relying party URL Required
The relying party URL issued to you by HYPR to provided access to their API.
- Reconcile lambda Optional Available since 1.17.0
A lambda may be utilized to modify the User or Registration during login.
To configure a lambda, navigate to.
- Debug enabled Optional defaults to
Enable debug to create an event log to assist you in debugging integration errors.