# ZTrust Authenticator App ### 1. Introduction The ZTrust Authenticator is a secure mobile application designed to offer different single factor as well as two-factor authentication (2FA) options, including Time-Based One-Time Passwords (TOTP), QR code scanning, Push notifications, and NFC-based authentication. These features provide additional layers of security for your accounts beyond passwords. These features provide different types of methods for user authentication. ### 2. System Requirements * Operating System: Android 10 or later * Internet Access: Required for account setup, push notifications, and syncing * Storage: 200 MB minimum * Permissions: * * Camera: For QR code scanning * NFC: For NFC-based authentication(NFC Enabled Device) * Internet: For push notifications(Allow Notification permission) ### 3. Installation * Go to PlayStore. Link:
\
* Go to AppStore. Link
* Now install the application and start the initial setup. ### 4. Getting Started #### Initial Setup * Visit the [ZTrust URL](https://preauth.ztrust.in/realms/ztrust-app/account) in your browser. * Click on the Register button to register yourself , if you're not registered.
Fig 4.1 * Provide the required details to create an account.
Fig 4.2 * After successful submission, you will be redirected to a page displaying a QR code.
Fig 4.3 * Open the ZTrust Authenticator app on your mobile device and click on the + button.
Fig 4.4 * Click the "Scan QR" button will open the scanner. Use it to scan the QR code displayed in the browser.
Fig 4.5 * Upon successful scanning, the app will generate a Time-Based OTP (TOTP).
Fig 4.6 * Enter the generated OTP in the TOTP field on the browser page and click Submit.
Fig 4.7 * You are now successfully logged into the self-service portal of ZTrust. * On your mobile device, confirm your password in the ZTrust Authenticator app and log in.
Fig 4.8 * You will be successfully logged into the app.

#### Adding a New Account Manually 1. Open the app and tap the "+" button as seen below.
Fig:4.1
2. Choose Configure Manually option to add an account:
Fig:4.2
* The Login Page will appear once the Realm Name and the Ztrust URL are successfully provided. Users need to ensure that both the Realm Name and the Ztrust URL are entered correctly for the login page to display.
Fig:4.4 * After entering the Realm Name and URL it will validate the realm and URL.
Fig:4.5 \
* On this page, we input our pre-registered "Username" and "Password" from the "Ztrust SSO."If "Password" and "Username" are correct, then the following fig:4.6 will show up. Your account will be added successfully.
Fig:4.6 5\. Biometrics and MPIN Login: If the user wants an alternative way to add an account, there are two options: “Biometric” and “MPIN”, there is a separate way.
Fig: 5.0 5.1.Biometrics:
Fig: 5.1.1 * When 'Biometric' is selected, the screen shown in Fig. 5.1.2 will appear, which activates biometric authentication. Once successfully authenticated, the account will be added, as shown in Fig. 4.6.
Fig:5.1.2
5.2.MPIN Login: * If the user selects 'MPIN,' he/she will be navigated to another page, as shown in Fig. 5.2.1 Here, they need to enter the PIN that is already registered in the “Ztrust SSO.” After entering the PIN, the account will be successfully added, as shown in Fig. 4.6.
Fig: 5.2.1 #### 6. Push Notifications * The user first has to select the Push Notification in the “ZTrust SSO” 2FA. (Refer Fig. 6.1.)
Fig: 6.1 * ZTrust Authenticator can receive push notifications from supported services. When logging in, a notification is sent to your device, and you can approve or deny the login attempt with a single tap.
Figure: 6.2 * Setup: In the profile page, if we enable 'Push Notification,' as shown in Fig. 6.2, this will make the device the primary device. A notification, as shown in Fig. 6.3, will be sent from the 'Ztrust SSO.' By clicking 'Accept,' the device will be set as the primary device, and if we click 'Deny,' the request will be rejected.
Fig:6.3 #### 7. Authentication Through QR Codes * The user first has to select the QR Code Authentication in the “ZTrust SSO” 2FA. (Refer Fig:6.1) * Some services provide a QR code during the 2FA setup. ZTrust Authenticator can scan this code to automatically add the service to your list of accounts.
Fig: 7.1 * Follow the on-screen instructions from the service to generate a QR code, then scan it using the "Add Account" feature in the app. #### 8. Time-Based One-Time Password (TOTP) * TOTP generates a 6-digit code that refreshes every 30 seconds. This code is used in combination with your password to log in. * Add the service using the QR code or manual setup, and the app will start generating TOTPs immediately.
Fig: 8.1 #### 9. NFC-Based Authentication * How It Works: For devices and services that support NFC-based authentication, you can simply tap your phone on an NFC tag or reader to authenticate securely. * Setup:You must register your NFC card before you can enable NFC in your account. When you click "ResisterThe NFC card," a pop-up window similar to the one in Fig:9.1 will appear.
Fig:9.1 * Now When you tap your NFC card, the pop will close and you will be able to register your card. As soon as 'Ztrust SSO' sends a request for an NFC card to be used as the primary device, we must tab your card in order to do this. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ztrust.gitbook.io/ztrust-documentation/user-manual-ztrust-v3.0/admin-manual/ztrust-authenticator-app.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.