Logging in with Passwordless

Edcel Ceniza Updated by Edcel Ceniza

 Read the legacy documentation here
Enable Passwordless in the Admin Console

The Passwordless feature is used as a backup if Active Directory login fails. It allows users to log in without needing a password.  All they need is an email address.

To enable the Passwordless feature, head to the Passwordless page under the System > Mail Token

Simply tick the 'Enable Passwordless' box and Save Settings.  From this screen you can also change the DeskDirector Name which is referenced in the email to the client (e.g. Awesome MSP Portal). DeskDirector will however automatically use the DeskDirector name you have configured at the client in this email.

This is also where you configure the email address and display name from which the email to the client with a token will be sent. This could be a valid address or a "no-reply" type address.

Setting up Company's Email Domain

Passwordless supports adding the email domain[s] for that client. This will be used as a method to determine which company the user works for and is critical in ensuring contacts are created under the correct company/account in your PSA, if we cannot find a contact with a matching email address.

  1. For each of your clients, under the Companies tab, search for their company, and click their name.
  2. In the window that follows, enter their email domain (e.g. deskdirector.com) and click Add then save. You can add multiple domains for a company if required.

That's all you need to do to enable Passwordless login.

User Login Process

After completing step 2, when users that haven't logged in previously, they will be given a dialog to enter their email and Request a login token.

  1. They enter their email address
  2. The user is prompted by login options (depending on their setup). Select "Sign in using email token"  .
  3. An email will be sent to that email address with a temporary token.  
  4. They can either click Login Now from the email, or copy the token and paste it into the login dialog.  The token only lasts 10 minutes, so make sure they need to complete this step quickly to ensure there are no issues.
  5. If the token never arrives or expires they can click Resend token

Once this is completed the user will be logged in and will not be prompted to login again.

User login flow diagram

The diagram below shows the login process when Passwordless is enabled.

Note the importance of having an email domain or Domain SID configured for your clients to ensure they are always able to login regardless of whether they exist in your PSA or not.
4. User login flow diagram

How did we do?

Enabling OAuth (Microsoft Login) for DeskDirector Portal

Global Magic Token: Logging in via URL