How to configure Sapho to allow users to set PINs for mobile login

Last update:

Audience: Developers building Sapho micro apps

In addition to the traditional password-based sign in, Sapho also supports login with a PIN code to make it safer and easier for users to access their micro apps. Currently, Sapho only supports PIN login for Active Directory.

How to enable and configure PIN logins

Perform the following steps:

  1. Log in to Sapho builder.
  2. Go to Security.
  3. Edit your Active Directory security provider.
  4. Click the toggle button under ‘Allow Users to set a PIN to Access Apps’ to enable this feature.
  5. Set the number of days the PIN will be valid. When a PIN expires, the user will have to enter his or her Active Directory username and password again and then set a new PIN. The default is 30 days.
  6. Set the maximum number of failed PIN login attempts. The default is 3 attempts.
  7. Go to the Apps with Access tab. Make sure that your Home App and any other micro apps can be accessed by the correct Active Directory groups.
  8. Go back to the Provider Details tab and click Save Settings.

How to test the PIN login feature

Perform the following steps:

  1. Open the Sapho app.
  2. Enter the URL of your organization’s Sapho server.
  3. Log in with your Active Directory username and password.
  4. You’ll be prompted to set up a PIN.
  5. Set a PIN. The length of the PIN can be between 4 and 8 digits (0–9 only; no letters or special characters allowed).
  6. After clicking Save, you’ll be redirected to the Feed page of the Home App.

For more details about how the PIN login feature works for end users, click here.

Where is the PIN stored?

The information that a PIN was set for the Sapho app is stored locally on the device. The PIN for each individual user is stored in the app_user table in the Sapho Server database and it’s hashed like a standard password.