UniFi Identity Enterprise - Upgrade to UniFi Identity Enterprise

Overview

Requirements

Before upgrading to UniFi Identity Enterprise, please ensure that you have met the following requirements:

  • You are the UniFi OS owner.
  • Your UniFi Console model is listed in the table below.
Model One-Click WiFi One-Click VPN (OpenVPN) One-Click VPN (WireGuard VPN) Door Access Camera Sharing EV Station
Dream Machine Base (UDM-Base) Supported Supported Supported Unsupported Unsupported Unsupported
Dream Machine Pro (UDM-Pro) Supported (Requires UAP) Supported Supported Supported Supported Supported
Dream Machine SE (UDM-SE) Supported (Requires UAP) Supported Supported Supported Supported Supported
Dream Machine Pro Max (UDM-Pro-Max) * Supported (Requires UAP) Supported Supported Supported Supported Supported
Dream Wall (UDW) Supported Supported Supported Supported Supported Supported
Network Video Recorder (UNVR) Unsupported Unsupported Unsupported Supported Supported Unsupported
Network Video Recorder Pro (UNVR Pro) Unsupported Unsupported Unsupported Supported Supported Unsupported
Cloud Key Gen2 Plus (UCKP) Unsupported Unsupported Supported Supported Supported Supported
Cloud Key Gen2 (UCK) Unsupported Unsupported Supported Unsupported Unsupported Unsupported
Cloud Key Enterprise (UCK-Enterprise) Unsupported Unsupported Supported Unsupported Unsupported Unsupported

* Requires Dream Machine Pro Max 4.0.3 (EA) or later.

Data and Configuration Migration

Note: We strongly recommend that you back up your UniFi Console before upgrading to UniFi Identity Enterprise.

NFC Card and PIN: Users’ NFC cards and PINs can be imported to Identity Enterprise when the following requirements are met:

  • You have never added a UniFi Console with NFC cards or PINs registered to your current workspace. If you have multiple consoles to add, only the NFC cards and PINs registered in the first console can be imported to your workspace. Even if you remove the first console from your workspace, the NFC cards and PINs of the remaining consoles still need to be re-registered.
  • You have imported UniFi OS users to Identity Enterprise.

Mobile Access, One-Click WiFi, One-Click VPN, EV Station, and Camera: Users can access these resources assigned to them using their Identity Enterprise apps when the following requirements are met:

Create a New Workspace

Requirements

  • Your email address has never been used to create an Identity Enterprise workspace. See the FAQ for details.
  • Your UniFi Console has never activated more than 3 workspaces. Otherwise, please add your console to an existing workspace.

Create a New Workspace

UniFi OS 3.1.x

UniFi OS 3.2.x

  1. Go to your UniFi or Local Site Manager and select a console.
  2. Go to OS Settings > Applications > Identity application.
  3. Click Install > Set Up.
  4. Select Create New Workspace and tick the I agree to Identity Enterprise’s Privacy Policy and End User License Agreement checkbox.
  5. Select a subscription plan and click Upgrade Now. The Standard Plan is currently only available in the U.S.
  6. Read the important notice and click Continue.
  7. Select users whom you want to migrate to your Identity Enterprise workspace. The migrated users can be managed in your Identity Enterprise Manager and you can assign resources to them. You can also skip this step and perform this action later.
  8. Once your UniFi Identity Enterprise is activated, you will receive a notification in your email inbox and UniFi mobile app (If your console model is UNVR or UNVR Pro, the instructions will be sent to your UniFi Protect mobile app).
  9. Open your email inbox or UniFi mobile app, follow the instructions to set up your account, and start exploring One-Click WiFi, One-Click VPN, and other powerful features.
  1. Do either of the following:
    • Go to your UniFi Site Manager (https://unifi.ui.com) > select a console > OS Settings > Console Settings > Identity Enterprise > Upgrade.
    • Go to your Local Site Manager (https://your_console_ip) > select a console > OS Settings > Identity Enterprise.
  2. Select Create New Workspace and tick the I agree to Identity Enterprise’s Privacy Policy and End User License Agreement checkbox.
  3. Select a subscription plan and click Upgrade Now. The Standard Plan is currently only available in the U.S.
  4. Read the important notice and click Continue.
  5. Once your UniFi Identity Enterprise is activated, you will receive a notification in your email inbox and UniFi mobile app (If your console model is UNVR or UNVR Pro, the instructions will be sent to your UniFi Protect mobile app).
  6. Open your email inbox or UniFi mobile app, follow the instructions to set up your account, and start exploring One-Click WiFi, One-Click VPN, and other powerful features.

Customize Workspace Domain

Once your Identity Enterprise workspace is created, the system will automatically generate a workspace domain. Your Identity Enterprise users can access their workspace via https://[your workspace domain].ui.com. To customize your workspace domain, please follow the steps here.

Add a Console to an Existing Workspace

After you have created and activated your UniFi Identity Enterprise workspace, you can add multiple consoles to your workspace.

Note: A site or a workspace can include multiple UniFi Consoles. But a UniFi Console can only be added to one site or one workspace.

UniFi OS 3.1.x

UniFi OS 3.2.x

  1. Go to your UniFi or Local Site Manager and select a console.
  2. Go to OS Settings > Applications > Identity application.
  3. Click Install > Set Up.
  4. Select Add to Existing Workspace.
  5. Obtain the security token. Note: Only the workspace owner, super admin, and custom roles with the permissions to edit UniFi Console can generate a security token.
    1. Go to your Identity Enterprise Manager > Settings > UniFi Consoles > Consoles.
    2. Click the Add Console icon.
    3. Enter the token description, set the validity period, and click Create.
    4. Verify your account with an MFA method.
    5. Click Copy to copy the token. The token expires in 10 minutes.
  6. Return to your Identity application, paste the security token you just copied, and select to add this console to an existing site. Please select a site carefully. Otherwise, you will have to delete the console from UniFi Identity Enterprise and repeat the steps above to change a site.
  7. Click Add Console.
  8. Read the important notice and click Continue.
  1. Do either of the following:
    • Go to your UniFi Site Manager (https://unifi.ui.com) > select a console > OS Settings > Console Settings > Identity Enterprise > Upgrade.
    • Go to your Local Site Manager (https://your_console_ip) > select a console > OS Settings > Identity Enterprise.
  2. Select Add to Existing Workspace.
  3. Obtain the security token. Note: Only the workspace owner, super admin, and custom roles with the permissions to edit UniFi Console can generate a security token.
    1. Go to your Identity Enterprise Manager > Settings > UniFi Consoles > Consoles.
    2. Click the Add Console icon.
    3. Enter the token description, set the validity period, and click Create.
    4. Verify your account with an MFA method.
    5. Click Copy to copy the token. The token expires in 10 minutes.
  4. Return to Identity Enterprise in your OS Settings, paste the security token you just copied, and select to add this console to an existing site. Please select a site carefully. Otherwise, you will have to delete the console from UniFi Identity Enterprise and repeat the steps above to change a site.
  5. Click Add Console.
  6. Read the important notice and click Continue.

Understand Account Types

This table outlines each account type and its respective permission(s). Refer to this article for more information on connecting to UniFi Site Manager or Local Site Manager.

Account Description Purpose
UI Account
  • Can access multiple authorized UniFi Consoles locally or remotely. 
  • Can only be managed in OS Settings > Admins & Users.
  • Access UniFi Site Manager
  • Access Local Site Manager
Local Credentials
  • Can only access one authorized UniFi Console locally.
  • Can only be managed in OS Settings > Admins & Users.
Access Local Site Manager
UniFi Identity Enterprise Account
  • Can access multiple authorized UniFi Consoles remotely. 
  • Can only be managed in Identity Enterprise Manager.
Access UniFi Site Manager by redirecting from Identity Enterprise Workspace

FAQ

Can I use the same email address to create more than one UniFi Identity Enterprise workspace?

No. An email address can be used to activate only one UniFi Identity Enterprise workspace. Here are alternative approaches if you want to use the same email address for the workspace owner across different workspaces.

I have deactivated UniFi Identity Enterprise on a UniFi Console. Can I reactivate it on the console?

Yes. You can reactivate UniFi Identity Enterprise on the UniFi Console in two ways: by creating a new Identity Enterprise workspace on the console or by adding the console to an existing workspace. See this FAQ for details.

Was this article helpful?
31 out of 48 found this helpful