Zoho One provides single sign-on for all cloud applications, but employees need to log in to their devices with a different set of credentials. Enabling Device Authentication lets you enroll and manage all your workspace devices like macOS, Windows, and Linux, as well as applications in your organization with a single set of credentials. In other words, multiple devices can be authenticated with the technique of single encryption. This is performed by synchronizing your Zoho One password with the logins of a device.

 

A Device Authentication lifecycle starts with enabling a new device, followed by device enrollment. After enrollment, a user is assigned or unassigned from their device by their IT admin, as per the organization's needs.

 

IT admins can perform critical actions such as assign/unassign device, deactivate/activate device, change permission, reset password, and sync password directly from Zoho One, thus saving a lot of time.

Once a device is configured and enrolled, you can assign a user to that device. After assigning the user to the device, the user will be able to access the device and all the Zoho One apps using the same set of credentials. Learn more

 

When a user no longer uses their device or leaves the organization, you can unassign the user from their device and they will no longer have access to it. The device can be assigned to a different user at a later point of time. Learn more

If an enrolled device is defective, damaged, lost, misplaced, stolen, or no longer in use, you can deactivate the device. Once the device is deactivated, no user can access the device until the device is reactivated. Learn more

 

When an enrolled device is no longer required for an organization, the device can be deleted from Zoho One. Once the device is deleted, it cannot be reactivated, as it would have been permanently removed from Zoho One and hence it stops being managed by Zoho One anymore, but the device can be re-enrolled. Learn more

 

Organization owner will decide on the user's permission, whether the permission requirement is administrator or standard. Permission can be changed for the users as per the needs of the organization.

 

When the above actions are performed on an enrolled device that goes unreachable or offline, none of the actions will be completed and will instead be scheduled to take place later when it is back with suitable conditions. These are said to be pending actions, which will be completed in priority once the device is reachable or online. Learn more