Skip to main content
Version: v1

Using Beyond Identity for Authentication

In the Getting Started section, we walked you over how to create a tenant, an application, as well as how to configure that application in order to authorize and authenticate a user with Beyond Identity.

Let's review those steps in a bit more detail in the following section.

Create a Realm

A realm is a namespace in your tenant that isolates identities and applications from other realms. All new tenants have a default realm called Beyond Identity Admin which should not be used to configure for delegate IDP purposes.

For more information on realms, see the Realms guide.

Create an Application

Applications hold the configuration necessary to integrate your existing software stack with our authentication experience.

For more information on applications, see the Applications guide and Authenticator Config.

Create an Identity

Before users can start authenticating with Beyond Identity, they must be provisioned in our directory.

For more information on user provisioning, see the User and Group Provisioning guide.

Get a Universal Passkey

Before authentication you will need a Universal Passkey. Use the identity you created above to bind a passkey.

Check out the Bind Passkey To User guide for more information.

Authenticate with a passkey

After you have a passkey bound to an identity, you are ready to authenticate.

Follow the Authentication with Passkey guide for next steps on authentication and token exchange.