2 min read 421 words Updated Jun 08, 2026 Created Jun 08, 2026

First Login Experience

This page describes what your users see when they follow a sign-up link for the first time. It's helpful to know this so you can set expectations with your team before you send the invitations.

What the sign-up flow looks like

When a user opens a sign-up link, they're taken through a short three-step flow:

Step 1: Enter their details

The user sees a form asking for their name, email address, and username. All three fields are required.

The username is what appears in logs and on their profile. They can change their display name later in account settings, but the username is fixed after sign-up.

Step 2: Register a passkey

After filling in their details, the user is prompted to register a passkey. What they see depends on their device and browser:

  • On a Mac or iPhone: a Face ID or Touch ID prompt
  • On Windows: a Windows Hello prompt (PIN, fingerprint, or face)
  • On Android: a fingerprint or screen lock prompt
  • With a hardware security key: a prompt to insert and tap the key

The user follows the on-screen prompts. This usually takes about 10 seconds. Once registered, their passkey is stored securely on their device and linked to their Permiso account.

Tip for your users: A passkey isn't something you download or install. It's automatically created and stored by your browser or device. Think of it like a fingerprint for your account: you just need to be on a device you own.

Step 3: Land on the dashboard

After the passkey is registered, the user is taken directly to the Permiso dashboard. From here they can see the apps they have access to and manage their account settings.

Logging in after sign-up

To log in again, users visit https://[your-company].permisolabs.eu/login and follow the passkey prompt. No password is ever required.

If a user loses access to their device (and therefore their passkey), an admin can send them a one-time login link from the user management page.

What if a user doesn't have a passkey-capable device?

Most modern devices and browsers support passkeys, including Chrome, Safari, Firefox, and Edge when updated within the last two years. If a user is on an older device, they can use a hardware security key (like a YubiKey) instead.

If passkeys are completely unavailable, you can also enable magic link login from Settings → Administration → Application Configuration. That lets users log in via a one-time email link instead.