Skip to main content
Version: Secure Access

Set Up Your Device with a Passkey

Last updated on

Overview

In this article, you’ll learn how to set up your device with a passkey so you can log in securely without passwords.

Important: In this process, you’re actually enrolling a credential that is tied to you (your identity), not just the device itself. Your device simply stores this passkey credential. A single device can hold multiple passkeys, and you can generate passkeys for multiple devices.

There are several ways to set up a passkey on your device:

  • Email with Magic Link – A link sent via email that, when clicked, starts the passkey enrollment process.
  • Magic Link (without email) – A direct link that can be shared to start enrollment.
  • 9-digit code – A numeric code entered to start enrollment.
  • Credential Extension – Extend an existing passkey from one device to another.
  • IDP Authorization – Use your identity provider to authorize the enrollment of a new passkey via the user console.

These flows all achieve the same result: your device will have a new passkey credential bound to your identity, enabling secure, passwordless access.

Note: The rest of this article focuses on enrollment via email. The magic link and 9-digit code methods work very similarly. If you're looking to extend a credential from one device to another, see:


caution

Only enroll passkeys on devices you control and are approved by your organization.


Steps

Enroll a Passkey on Your Device

  1. Open the invitation email from your IT team and click Set up Beyond Identity.

    self-enrollment

  2. Next, click Get Started.

    self-enrollment

  3. Since this is your first time downloading the Authenticator, click No, I don't have the Authenticator.

    self-enrollment

  4. Your operating system will be detected automatically, and you'll be prompted to download the appropriate Authenticator version. In this example, we click Download for the macOS Authenticator.

    self-enrollment

  5. After the file is downloaded, follow the instructions for Step 1, which will guide you through the installation process.

    self-enrollment

  6. Once the Authenticator installation is complete, return to the dialog box and click I've downloaded the authenticator.

    self-enrollment

  7. Next, click Create my passkey.

    self-enrollment

  8. After a brief moment, the Beyond Identity Authenticator will appear and display a banner confirming that "Your passkey was successfully created!"

    self-enrollment

That's it! A new passkey has not been installed in your device.