Skip to main content
This guide applies to Mac computers

About Passport

Passport is a feature in Iru Endpoint that allows logging into Mac computers using your organization’s Identity Provider of choice. This means you don’t need a separate password for your email and computer.

How It Works

Passport integrates with your organization’s Identity Provider to authenticate users at the macOS login screen. When you enter your IdP credentials, Passport verifies them and logs you into your Mac account automatically.

Logging in with Mac Login

When you arrive at the Passport Login Window, you’ll see the standard Mac Login interface. Enter your full email address in the username field and your Identity Provider password in the password field. After successful authentication, you’ll be logged into macOS automatically.

Logging in with Web Login

The example below features Passport with Okta Web Login. If you are not presented with a similar prompt when you login, you can skip this section.
When using Web Login, you’ll see your Identity Provider’s login interface directly in the Passport Login Window. This example shows Okta, but your organization may use a different Identity Provider. If multi-factor authentication is enabled, you’ll be prompted to respond to the MFA prompt on a trusted device. After successful MFA authentication, you’ll be prompted for your Identity Provider password one final time. After successful authentication, you’ll be logged into macOS automatically.

Logging In Locally with Web Login

If Local user access is enabled in your Passport settings, users have the option to switch to Local Login.
1

Click Profile icon

Click the Profile icon at the top right of the Login Window.
2

Switch to Local Login

Click the Switch to Local Login button.
3

Enter local credentials

Enter the Username and Password for the local user into the fields and press Enter.
4

Switch back to Web Login

To switch back to Web Login, click the Web Login icon.
5

Confirm Web Login switch

Click Switch to Web Login.

Migrating Accounts

After authenticating at the Passport Login Window, you may have a dialog for migrating a local user. This will essentially merge your local user with your Passport login. You will want to migrate your existing user if you want to be able to access all of the information stored in the local user when using Passport login.
1

Select migration option

Select the Migrate my existing account radio button.
2

Continue migration

Click Continue.
3

Select local user

Select the local user you would like to merge with your Passport login from the drop-down menu.
4

Enter local user password

Enter the password for your local user account.
5

Continue with migration

Click Continue.
6

Complete migration

Click Migrate Account.

Switching Languages at the Passport Login Window

You can configure specific language settings at the Passport Login Window. This is particularly useful if you are using a non-US standard keyboard. Once selected, the keyboard layout will persist after restart.
1

Click Keyboard icon

In the upper-right corner of the Passport Login Window, click the Keyboard icon.
2

Select language setting

Select the specific language setting for the keyboard layout.

Password Changes using the Iru Endpoint Menu Bar

You can access the pre-defined password reset URL to initiate a password reset in your Identity Provider.
1

Click Menu Bar icon

Click on the Iru Endpoint Menu Bar icon.
2

Select Reset Password

Select the gear, and pull down to Reset Password.
3

Follow password reset steps

The reset password URL should launch in a new window. You can then follow the steps to reset your Identity Provider password.

Passport Password Sync Notifications

When the option is set in the Passport Library Item to Securely store the user’s password, every five minutes, Passport will perform a check against the Identity Provider to determine if the local password on the Mac matches the password set for your account in the Identity Provider. If the option in the Passport Library Item is set to not securely store the user’s password, password synchronization only occurs at each login.