2.2 Apple Touch ID

Apple Touch ID enables you to authenticate to Mac operating system using the electronic fingerprint recognition feature available in Mac device. During enrollment, the Apple Touch ID captures the fingerprint. When you try to authenticate to a Mac device, the presented fingerprint is matched with the enrolled fingerprint. If the fingerprints match, you are authenticated.

NOTE:Ensure to install the Advanced Authentication Device Service before you enroll Apple Touch ID. For more information about the Device Service, see the Advanced Authentication - Device Service guide.

NOTE:You can enroll Apple Touch ID only for current login sessions in Mac operating system, and Touch ID session should be active for current users.

2.2.1 Enrolling the Apple Touch ID Authenticator

Perform the following steps to enroll the Apple Touch ID authenticator:

  1. Click the Apple Touch ID icon in Add Authenticator.

  2. (Optional) Specify a comment related to the Apple Touch ID authenticator in Comment.

  3. Specify the current login session account name in Account Name.

    User can see the current username in the right corner of the menu bar.

  4. Click Save to start enrolling.

    Two messages Please wait and "TouchIdservice" is trying to enroll are displayed.

    NOTE:If you are enrolling for another user who has logged in but not the current user, only Please wait message is displayed.

  5. Place the finger on the Touch ID reader.

    A message Authenticator "Apple Touch ID" has been added is displayed.

2.2.2 Testing the Apple Touch ID

Perform the following steps to test Apple Touch ID authenticator:

  1. Click the Apple Touch ID icon in Enrolled Authenticators.

  2. Click Test.

  3. Click Next

    Two messages Please wait and "TouchIdservice" is trying to authenticate are displayed.

    NOTE:If you are enrolling for another user who has logged in but not the current user, only Please wait message is displayed.

  4. Place the finger on the Touch Id reader.

    If the test is successful, a message Authenticator "Apple Touch ID" passed the test is displayed.

The following table describes the possible error messages along with the workaround for the Apple Touch ID authentication.

Error

Possible Cause and Workaround

User is not found

There is no such account for the current Mac device. Check the account name and try again

Touch ID not enrolled

Touch ID isn't enrolled for the specified user. Enable Touch ID in the Apple -> System Preferences -> Touch ID settings

Touch ID is locked

The user tried to log in with a wrong finger for five times. To enable Touch ID, log in the specified Account with Password

Touch ID is not available

Local user hasn't logged in to account yet

Cancelled by timeout

Operation was cancelled as the time for presenting fingerprint is out

Touch ID is cancelled by user

User not allowed for Device service to use the Touch ID

Device Service is not available

Device service isn't installed