User Experience with Passport

By Emalee Firestein

Understand what your users will experience when logging in to a Mac via the Passport Login Window

Logging in at the Passport Login Window with Mac Login

  1. At the Passport Login Window, the user will be presented with the Mac Login modal.
  2. In the username field, they will need to enter their full email address and IdP password.

  3. After a successful authentication, the user will be logged into macOS.

Logging in at the Passport Login Window with Web Login

Note: The example below features Passport with Okta Web Login.
  1. At the Passport Login Window the user will be presented with the Web Login modal for your specified IdP.

  2. If multi-factor authentication is enabled, the user will be prompted to respond to the MFA prompt on a trusted device.

  3. After a successful MFA authentication, the user will be prompted for their IdP password one final time.

  4. After a successful authentication, the user will be logged into macOS.

Switching Languages at the Passport Login Window

Users can configure specific language settings at the Passport Login Window. This is particularly useful if the end user is using a non-US standard keyboard.

Note: Once selected, the keyboard layout will persist after restart.
  1. In the upper-right corner of the Passport Login Window, click the Keyboard icon.

  2. Select the specific language setting for the keyboard layout.

Password Changes using the Kandji Menu Bar

Users can access the pre-defined password reset URL to initiate a password reset in your IdP.

  1. Click on the Kandji Menu Bar icon.
  2. Select the gear, and pull down to Reset Password.

  3. The reset password URL should launch in a new window. The user can then follow the steps to reset their IdP password.

Passport Password Sync Notifications

Every five minutes, Passport will perform a check against the IdP to determine if the local password on the Mac matches the password set for the user's account in the IdP. If the passwords do not match, the user will be prompted to enter their current IdP password in order to get the local and IdP passwords back in sync.