Proximity Login is Allthenticate's hands-free authentication feature for passwordless authentication It uses Bluetooth Low Energy (BLE) to detect your phone's presence near your computer and automatically logs you in to your organization's web apps — no passwords, no push notifications, no typing required.

While Allthenticate also supports proximity-based authentication for OS login (Windows, macOS, Linux), SSH access, and sudo commands, this guide focuses specifically on Proximity Login for web applications via SAML and OIDC single sign-on.

How It Works

Proximity Login relies on an established Bluetooth connection between your phone (running the Allthenticator app) and your computer (running the Allthenticate desktop software). Here's the flow for web application SSO:

  1. You navigate to a web app your organization has connected to Allthenticate (e.g., Google Workspace, Microsoft 365, Salesforce, etc.)
  2. The app redirects to Allthenticate for authentication.
  3. Because your phone is already connected to your computer via Bluetooth, Allthenticate detects your presence and automatically verifies your identity — no action required on your part.
  4. You're logged in. No password prompt, no MFA pop-up, no push notification.

This all happens in the background in a few seconds. Your phone can stay in your pocket or bag.

Important: How Proximity Login Gets Activated

First-Time Browser Pairing (Required)

The very first time you log in from a new browser, Proximity Login will not activate. Instead, you'll see a QR code on screen. You need to scan this QR code with the Allthenticator app on your phone to pair that browser with your phone.

This is a one-time trust step. It tells the system that this specific browser, on this specific computer, belongs to you. After you complete this QR code pairing, Proximity Login will activate automatically for all future sessions.

You Must Use Bluetooth Login First

If you've been logging in via the regular SAML SSO flow over the internet (e.g., typing your email and approving a push notification), that method does not activate Proximity Login for subsequent logins. This is because Proximity Login uses Bluetooth to emulate a USB security key connection — a fundamentally different channel than internet-based SSO.

To start getting proximity-based automatic logins, you need to complete at least one successful Bluetooth-based login (the QR code pairing flow described above). After that, Proximity Login will take over and log you in automatically whenever your session expires.

What Happens When You Manually Log Out

If you manually log out of a web application, Proximity Login will not automatically log you back in. A manual logout clears the browser's trust relationship. You will need to complete the QR code browser pairing again before Proximity Login resumes.