Authenticating with the LogonBox Authenticator

Christopher Dakin


This article will guide you through how to use the LogonBox Authenticator app.

It is recommended to have a signed SSL certificate installed, as you may have issues with an untrusted certificate.


The LogonBox Authenticator is a mobile application that can be used for easy authentication to a LogonBox server.

You can add the LogonBox Authenticator module to any Authentication Flow. This will allow users to register the app through the User Login flow (or the selected flow if you enable registration) so that users can fully identify themselves with their password first.


Registering a user

A user would register by clicking on My Account on the main LogonBox portal and entering their current username and password.

Alternatively, if you allowed registration on any other Authentication Flow, the user can register directly from that flow (not recommended to allow registration for Account Unlock or Password Reset, any other flow should be okay as you will generally be providing other authentication during other flows).

As this user has not registered, they will then be prompted with a QR code along with links to the Android and Apple app stores.


If the user accesses this page from their mobile, then they may click through to install the application.


After the user has installed the application on their mobile device, log in to My Account from another system and get back to this QR code.

The app will initially present a page asking you to scan a QR code. Click the Scan QR to open the camera and provide permissions if asked.


Scan the QR code from the app, which will add this user to the app and perform an immediate authorization request.


On the web page, the user is presented with this page.


The user may now press AUTHORIZE on the LogonBox Authenticator to continue and log in to their account automatically.

If biometric authentication is turned on, this will be prompted just after pressing authorize.


The user's authenticator entry is now shown in the list.


From this list you can either swipe left or right.

Swiping left reveals options for Authorize and Reset Password.

Authorize can be used in cases where the push notification hasn't been received but you have an authentication request in progress with LogonBox.

Reset Password will take you directly to the Reset Password flow on an SSPR system.


Swiping right presents options for Delete and Manage Account.


Delete removes the configuration from the app (and server if it can).

Manage Account logs you directly onto My Account.


Example authentication 1: Performing a password reset

Now to reset a password the user clicks on Reset Password on the portal.


Enter the username and click Next.


The web page will display a prompt to verify your identity.




Press AUTHORIZE on the app.


You now get the prompt to reset your password.




Example authentication 2: Authenticating with the LogonBox VPN client

Launch the LogonBox VPN client and turn the connection on.


Enter your username and password when prompted and click Next.


You will then get the Authenticator prompt.


AUTHORIZE the request on the authenticator app.


Your client is now connected.