Documentation
Everything you need to set up, configure, and manage wavekey continuous authentication for your organization.
Organization Setup
Connect your OneLogin tenant to wavekey and configure the Trusted IdP integration.
Service Providers
Connect Salesforce, Google Workspace, and more. Configure continuous authentication and browser-level protection.
User Enrollment
Enroll users with QR code scanning and admin-issued PIN verification for secure device registration.
Mobile App
Get started with the wavekey iOS and Android app — emit ultrasonic codes, scan QR codes, and authenticate hands-free.
Architecture Overview
wavekey is a continuous authentication platform that integrates with your existing identity providers. It works as a Trusted IdP alongside services like OneLogin, adding ultrasonic continuous verification to your authentication flow.
- Organization Setup — An admin connects their OneLogin tenant to wavekey via the invite flow, establishing OIDC trust.
- User Enrollment — When a user first logs in, a QR code is shown on screen and a PIN is sent to the admin. The user scans the QR with the wavekey mobile app and enters the PIN to bind their device.
- Continuous Auth — wavekey periodically re-verifies the user's identity via the mobile app while they use connected service providers.
- Browser Protection — The wavekey Chrome Extension monitors sensitive actions in connected apps (Salesforce, Google Workspace) for additional security.
Quick Links
| Topic | Description |
|---|---|
| Organization Setup | Connect your OneLogin tenant and configure the Trusted IdP |
| Connecting Salesforce | OAuth-based connection for Salesforce continuous authentication |
| Connecting Google Workspace | Domain delegation setup for Google Workspace protection |
| User Enrollment | Enroll users via QR code scanning and PIN verification |
| Chrome Extension | Browser-level protection for sensitive actions |
| Mobile App Guide | Using the wavekey app on iOS and Android |