Skip to main content
Skip table of contents

TrustBuilder Authenticator - Desktop app

Version 7.x for Windows, MacOS and Linux

  • Authenticator 7 is deployed on Android and iOS.

Fill out this form if you wish to participate in the beta program.

TrustBuilder Authenticator has been fully redesigned in version 7, offering an enhanced user experience. This page refers to the latest version.

If you are still using version 6 of TrustBuilder Authenticator, please refer to the previous documentation.

Installing TrustBuilder Authenticator

TrustBuilder Authenticator Desktop is compatible with the following operating systems:

  • Windows: available as .exe, .msi, or via the Windows Store.

  • MacOS: available on TrustBuilder website.

  • Linux: available as an .AppImage file.

Please check the details of the Minimum Requirements and Supported Versions for Windows, as well as the Authenticator version lifecycle.

Windows

Deployment options

File

Purpose

Steps

Executable file (.exe)

For individual users downloading manually from the App Downloads page.

  1. Download the .exe file from the App downloads page.

  2. Run the .exe file and follow the installation prompts.

MSI package (.msi)

For administrators deploying across multiple machines using scripting or GPO.

  1. Download the .msi file from the Resources Downloads page.

  2. Deploy the .msi file using administrative tools like GPO, SCCM, or Intune for centralized distribution.

Windows Store

Simplified installation and update process.

AVAILABLE SOON Download and install from the Windows Store.

Upgrading from version 6 to version 7

Upgrading from versions older than 6.19.3 to version 7 will delete your account data and you will need to reactivate your account. Install version 6.19.3 first to avoid data loss.

Versions

Upgrade procedure

Version 6.19.3 and higher

  1. Download TrustBuilder Authenticator 7.

  2. Install the application.

Your account data will be preserved, and you can start using the app.

Versions lower than 6.19.3

  1. Download and install Authenticator 6.19.3:

  2. Generate an OTP to verify that your account is functional.

  3. Download and install Authenticator 7.

Proxy

TrustBuilder Authenticator for Windows will use the PROXY - HTTP_PROXY - HTTPS_PROXY environment variables when they are defined.

To ignore any proxy settings, you can add the environment variable NO_PROXY with any value.

MacOS

AVAILABLE SOON

Linux

AVAILABLE SOON

Known limitations

  • Proxy support: available soon.

  • Authentication to the Admin Console V2 (in Preview) is not supported

  • Pin Pad visibility (when using theme editor)

With the ‘Default’ or ‘Azure AD’ theme applied to Authenticator 7, button of the pinpad may not be very visible. To resolve this issue, you can disable any Active theme

  1. Log in to Admin Console v2.

  2. Go to Settings > Graphical Themes > Change Active Theme

  3. Select "None" and save.

The change will be applied to users as soon as they perform an operation that synchronizes the app with the back end (authentication, OTP generation, etc.).

Checking if a theme is applied to your service

To check if a theme is applied to your service, use:
https://ult-inwebo.com/themes/<serviceid>/theme-<serviceid>.json
(Replace <serviceid> with your actual service ID.)

  • "activateTheme": false → (corresponds to "None" in Admin Console).

  • "activeindex": 0 → Default theme is applied.

First app launch

To get started with TrustBuilder Authenticator app, you should first add a new account.

Prerequisite: an activation code (contact your administrator).

  1. Launch TrustBuilder Authenticator application.

  2. Check “I agree” to give your conse

  3. nt to the Privacy Policy.

  4. Click on Activation code.

  5. Enter a valid Activation code and click the validate button.

  6. Define or enter your PIN code.

You have successfully added your account. Your device is now activated as a trusted device. You can use it for authentication.

Overview

From the home page you can perform several actions:

image-20250106-105639.png

Get pending operations: check pending operation such as authentication requests or transaction confirmation requests.

Generate One Time Password: generate a One-Time Password (OTP) and enter it in the authentication page.

Windows Logon (see below “Authenticate with the app“) : open a Windows session.

image-20240729-095159.png (user icon): manage your account (PIN, trusted devices) or add a new account.

image-20240729-095353.png (cogwheel icon): see and configure your application (language, theme, app version).

Authenticate with the app

There are several ways to authenticate using the TrustBuilder Authenticator application. Depending on how your service settings are configured, you may be able to authenticate using the following methods:

  • Receive a push notification,

  • Retreive pending operations,

  • Generate a One-Time-Password (OTP),

  • Windows Logon.

Receive a push notification

You will receive a push notification trough TrustBuilder Authenticator app. Push notifications can be sent automatically or triggered manually, depending on the configuration. You should then approve or reject the pending operation. Each approval operation is protected by PIN code (except for services without PIN).

  1. On the authentication page, click OK to trigger the push notification.
    This step may not occur depending on the configuration. The push notification can be sent automatically.

  2. Click on the notification to open the application.

    Authentication request 7 desktop.gif

  3. Accept or reject the authentication request.
    Enter your PIN if requested.

Retrieve pending operations

(Previously called "Authorize a connection" in version 6)
This feature allows the app to fetch any active pending operations when no notifications are available.

  1. On the app’s home page, click on Pending operations.

    image-20250106-132208.png

  2. If there is more than on pending operations, select the relevant one from the list.

  3. Approve or reject the operation.
    Enter your PIN code if requested.

Generate a One-Time-Password (OTP)

Generate a One-Time-Password (OTP) in TrustBuilder Authenticator app. The generated OTP should be manually entered in the TrustBuilder MFA authentication page. You have 30 seconds to input the OTP. To generate an OTP, the user must provide the PIN code (except for services without PIN).

  1. Go to “Generate One-Time Password”.

  2. Enter your PIN if requested.

  3. On the authentication page, enter the OTP and click on OK.
    You have 30 seconds to input the OTP.

    desktop.png

Windows Logon

For Windows sessions protected by TrustBuilder MFA, you can authenticate by:

  • Receiving a push notification,

  • Retrieving pending operations,

  • Generating a code if offline.

    WL-pushsent (1).png

For more details, see the TrustBuilder User Experience.

Accept or Reject an authentication request

When receiving an authentication request, the app will ask 'Did you initiate this authentication?'.
There are two options:

  • Yes, it's me – Confirm your identity by entering your PIN (or any other enabled authentication factor) to proceed.

  • No – In this case, you can choose one of the following actions:

    • Ignore this authentication: the request remains active. It can still be approved from another device.

    • Reject this authentication: the request is canceled and cannot be approved anymore. This option is useful if you suspect the request is malicious.

Configuration

Managing accounts

Adding a new account

  • Prerequisite: you should have a valid activation code for the account you wish to add.

How to get an activation code?

  • Contact your administrator
    or

  • From a web-browser, go to https://www.myinwebo.com/ > My Devices > Add a device
    or

  • From TrustBuilder Authenticator app on another device, click on the user icon > Manage my account > Trusted devices > + Add a trusted device

  1. Click on the user icon in the top-right corner.

  2. Click on Add an account.

  3. Select QR code or Activation code depending on your case.

  4. Enter a valid Activation code to add a new account on this device.

Your account is successfully added to TrustBuilder Authenticator app on the current device.

Switching between accounts

If you registered for more than one service, you may need to switch from one account to another.

  1. Click on the user icon on the top right corner.

  2. Click on the account you wish to use.

Removing account from the app

Removing your account from the application in the current device means that the account and all its data will be removed from the current trusted device.

  1. Click on the user icon in the top-right corner.

  2. Go to Manage my account > Remove this account.

  3. Click on Remove this account then on Yes, remove to confirm your choice.

Your account has successfully been removed

The account will still be effective if it is activated on another trusted device. You can always reactivate your account on the current trusted device using an activation code.

Setting account recovery information

TrustBuilder requires a valid email address in case your account gets locked or your devices are lost. This email may be used for identification purposes when requesting account restoration via http://myinwebo.com. It may also be used to receive a restore code to unlock your trusted authentication devices.

To set or update your account recovery email:

  1. Click on the user icon in the top-right corner.

  2. Go to Manage my account > Recovery email.

    • If the email address is verified, you can update it.

    • If the email address is not verified, you can:

      • Click Resend email to receive a verification email. Follow the instructions to verify your email address.

      • Click Modify email address to change the registered email address.

Displaying account information

To display your account information:

  1. Click on the user icon in the top-right corner.

  2. Go to Manage my account > Account information.

Your account and some context information are displayed. This could be useful for the helpdesk team when troubleshooting any issue the user might have.

Account information

  • Account :

    • Login → current user’s login

  • Support information:

    • Device alias → the alias of the current device

    • Notification reception → the status of the notification registration

    • Platform version → this information will be useful during platform upgrades.
      Default is 1 for the current platform

Managing PIN

Modifying your PIN

  1. Click on the user icon in the top-right corner.

  2. Go to Manage my account > Security.

  3. In PIN section, click on Modify.

  4. Enter your current PIN and define your new PIN (4 to 6 digits).

  5. Click on Modify my PIN to save.

Your new PIN has been successfully modified.

Resetting your PIN

Prerequisite: a Reset code

  1. Click on the user icon in the top-right corner.

  2. Go to Manage my account > Security.

  3. In PIN section, click on I forgot my PIN.

  4. Enter your reset code.
    If you don’t have a reset code, click on “I don’t have a reset code” and follow the instructions.

  5. Click on Verify.

  6. Define your new PIN (4 to 6 digits).

  7. Click on Define my new PIN to save.

Your new PIN has been successfully reset.

Managing trusted devices

Adding a new trusted device

You can generate an activation code to be used to add a new trusted device to your account.

  1. Click on the user icon in the top-right corner.

  2. Go to Manage my account > Trusted devices.

  3. Click on + Add a trusted device.

Ann activation code will be displayed. Use either one on the new trusted device to add it to your account.

Renaming a trusted device

  1. Click on the user icon in the top-right corner.

  2. Go to Manage my account > Trusted devices.

  3. In your trusted devices list, click on the trusted device to be renamed.

  4. Click on the pen icon in the top-right corner.

  5. Rename the trusted device and click on Update to save.

The selected trusted device has been successfully renamed.

Lock a trusted device

You can lock any trusted devices registered in your account, except the one you are currently using.

  1. Click on the user icon in the top-right corner.

  2. Go to Manage my account > Trusted devices.

  3. In your trusted devices list, click on the trusted device you want to lock.

  4. Click on Lock this trusted device, then confirm by clicking Yes, lock.

The selected trusted device has been successfully locked.

Deleting a trusted device

You can delete any trusted devices registered in your account, except the one you are currently using.

  1. Click on the user icon in the top-right corner.

  2. Go to Manage my account > Trusted devices.

  3. In your trusted devices list, click on the trusted device you want to delete.

  4. Click on Delete this trusted device, then confirm by clicking Yes, delete.

The selected trusted device has been successfully deleted.

App settings

Setting the app's language

  1. Click on the cogwheel icon in the top-left corner to access the application settings.

  2. Click on Language.

  3. Select your language.

The application switches to selected language.

The application's default language is determined by the phone's system language. If the system language is not supported, the application will default to English.

The following languages are supported by the application:

  • English

  • Deutsch (German)

  • Nederlands (Dutch)

  • Español (Spanish)

  • Français (French)

  • Italiano (Italian)

  • 中文 (Chinese)

Setting light/dark mode

  1. Click on the cogwheel icon in the top-left corner to access the application settings.

  2. Click on Mode.

  3. Select a mode:

    • Light → your application will switch to light mode.

    • Dark → your application will switch to dark mode.

    • System → the mode will follow your device’s settings.

The application switches to the selected mode.

The application's default mode is determined by the phone's system mode.

App version

To get your application version, click on the cogwheel icon in the top-left corner. In the About section, you will see the “Application version” parameter.

Defining your Antiphishing seal

This secret sentence is displayed in browsers authentication pages, whenever you are requested to enter your PIN code. It gives you a guarantee that you are directly connected with TrustBuilder servers and not with anyone else.

  1. Click on the user icon in the top-right corner.

  2. Go to Manage my account > Security > Antiphishing sentence.

  3. Define or edit your antiphishing sentence.

  4. Click on Save.

Your antiphishing sentence has been successfully defined/updated. It will be displayed in browsers authentication pages.

Accessibility Features

TrustBuilder Authenticator 7th version is designed to be accessible for users with various disabilities, in line with WCAG 2.1 guidelines. Below are the key accessibility features available in the app:

  • Screen Reader compatibility
    TrustBuilder Authenticator is compatible with VoiceOver (macOS) and Narrator (Windows). Users can navigate the app's menus, input fields, and authentication processes. Just turn on the screen reader on your device, and the app will provide voice instructions.

  • Keyboard navigation
    Users can navigate the app using keyboard shortcuts. Use the “Tab key” to move between elements and “Enter” to select. The app follows a logical tab order to ensure seamless navigation.

  • Text Size and Contrast
    TrustBuilder Authenticator app supports dynamic text scaling. Users can adjust the font size in their device settings and the app will automatically update to reflect the changes. The app also supports the high-contrast text mode, which changes the text to black or white to improve visibility against the background.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close