Binding Local Accounts to RapidIdentity MFA Server

Starting with RapidIdentity MFA Server, Mac users can bind their local Mac account to their RapidIdentity MFA Server account. The advantage of this feature is that a user who may not be domain-joined can authenticate with their domain account methods. This feature is available with PingMe and OTP.

The binding process requires RapidIdentity Mac Client to be configured in server mode, and users must have previously enrolled PingMe or OTP as an authentication method with their MFA Server account.

Follow these six steps to bind a local account to RapidIdentity MFA Server.

  1. Install RapidIdentity Mac Client in Server mode.

    1. The RapidIdentity MFA Server URL format is http://<server>/oneService/SyncService.asmx.

  2. Authenticate using the local Mac username and password.

  3. Restart the computer.

  4. Click the PingMe or OTP tiles to authenticate and enter the RapidIdentity MFA Server username and password.

    1. The RapidIdentity MFA Server username format is DOMAIN\username.

  5. Approve the PingMe notification in the RapidIdentity Mobile app or enter the OTP code.

  6. Enter the local Apple device account username and password to complete the authentication.


At this point, the local Apple device user account is bound to the RapidIdentity MFA Server account.