Authentication Options for the EMS Kiosk App

An Everyday User account is required prior to provisioning the EMS Kiosk App. The following authentication methods are supported for the EMS Kiosk App.

Primary Authentication

  1. Badge – Badge authentication provides the best user experience and security.

  2. Group Name/Email (Standard)

  3. Group Field (Exact Match)

  4. LDAP – LDAP authentication utilizes the everyday user's network ID field. So this field will need to be populated with the LDAP user name and match the Group's field used for exact match authentication within the Kiosk profile. See LDAP.

Secondary Authentication

If Badge is the Primary Authentication, the Secondary Authentication options are:

  1. Group Field (Exact Match)

  2. LDAP

  3. Group Name/Email (Standard)

Provisioning Authentication For the EMS Kiosk App

For provisioning authentication in the EMS Kiosk App, only LDAP and EMS Native authentication methods are supported.

If you as an everyday user want to use LDAP credentials to provision into Kiosk, you are required to have one-to-one mapping with the linked group. Which means, your account will need to have a matching external reference with only one group and the group should not be shared with any other everyday user account.

  1. Navigate to EMS Platform Services Admin Portal > Integrations tab and select the EMS Kiosk App client for provisioning authentication. Then, in the Everyday User Authentication Method field, select either LDAP or EMS Native from the field.

    • If selecting LDAP, ensure LDAP is configured per EMS LDAP authentication requirements.

    • If selecting Native authentication, configure the username and password field in the EMS Desktop Client menu bar. Click Configuration > Everyday User Applications > Everyday Users.

  2. Click Save.

    This setting controls the authentication method for EMS Kiosk App provisioning only. Everyday User authentication and validation within the EMS Kiosk App is managed per profile per Security Parameter.

  3. Clear cache in EMS Platform Services and in the EMS Web App Admin Portal.

    By default, the EMS Kiosk App uses secure cookies. We strongly recommend you use this approach in your production environment. However, you might want to test without SSL. To disable secure cookies in your test environment, add the following to appsettings.json inside the "PlatformOptions" section: