This article will introduce you to UID, identify what you'll need to get started, describe how to set up your workspace, and provide an overview of the UID Agent application.
- UID overview
- Setup requirements
- Set up UID
- Configure your workspace
- Access the UID Portal on a web browser
- Use the UID desktop applications and mobile apps
- UID features
- Frequently asked questions
UID is an Identity-as-a-Service (IDaaS) platform that provides Cloud-based identity authentication and management services to enterprises. It provides a simple, secure way for you, your employees, visitors, and customers to protect your network and physical space.
With UID, you can:
- Add, edit, and remove users quickly and securely.
- Manage user access with an elegant, easy-to-use interface.
- Connect to your corporate WiFi or VPN with a single click or tap.
- Verify every registered user and device with sophisticated single sign-on (SSO) and multi-factor authentication (MFA) services. The SSO feature is available on the UID Pro Plan.
Note: Currently, UID is supported in the United States and Canada. We are working on expanding our services to the EU.
To use UID, you will need:
- A UniFi OS Console, such as a Dream Machine Pro (UDM Pro), Dream Machine (UDM), Dream Machine Pro SE (UDM SE), or Network Video Recorder Pro (UNVR Pro).
- UniFi Access devices and the UniFi Access application are required to use the UID Access feature (optional).
Set up UID
Before installing UID, please ensure that you have:
- Set up a compatible UniFi OS Console, listed below, and fully updated its firmware.
- UDM and UDM Pro: Version 1.9.0 and later
- UCK Gen2 Plus: Version 2.1.7 and later
- Created backups of your UniFi OS Console and configuration data.
If you are migrating UniFi Access devices to UID, please note that:
- Users and devices can only be managed in the UID application. The UniFi Access application will be in read-only mode.
- Currently, NFC cards and PIN codes registered in UniFi Access cannot sync with UID. Please register them in UID to avoid door access issues.
- Workspace administrators may not be able to access the hosting UniFi OS Console via its IP address. As such, please enable the Keep UniFi OS Users After Importation option when setting up UID.
Note: This article outlines the UID setup process when a UDM Pro is the UniFi OS Console running the application. If you have a UDM Pro but haven't set it up yet, follow the steps in our UDM Pro's Quick Start Guide.
For additional troubleshooting assistance, see UniFi - Set up a UniFi Dream Machine Pro.
Create and activate your workspace
1. Open the Workspace Request page and submit your request
All workspace request submissions are reviewed within 2 weeks:
- If your application is approved, you will receive an email with your workspace activation code and you can proceed to the next step.
- If your application is declined, you can modify and resubmit your request. The most common reasons for an application rejection are an invalid domain and the area/region not supported by UID.
2. Click the workspace activation link enclosed in the email to enter your activation code
3. Add the workspace Owner's details and accept the terms
A confirmation message similar to the one below should be sent to your email address.
4. Go to your UID workspace via the link enclosed in the confirmation email and log in as the workspace owner
During the log-in process, enter the Owner's email address and the temporary password enclosed in your confirmation email. Once entered, click Sign In.
5. Enter your new account password and create a security question
Make sure that the security question's answer is between 4-120 characters, then click Continue.
6. Set up Multi-factor authentication via SMS and the UI Verify mobile app
Click the Setup button to set up each authentication method and follow the instructions on-screen to download the UI Verify mobile app and set up MFA.
The UI Verify mobile app generates a secure code layer that is used in addition to your username and password to add an extra layer of protection to your account.
7. Fill in the required workspace's information
Make sure that the workspace name doesn't exceed 50 characters.
Select Any Domain from the Specify Email Domain for UID Account drop-down to allow users to register with any email domain, or select Specific Domain to use only a specific email domain when registering a new UID account.
8. Create your first site and finish creating the workspace
Enter your first site's name, location, and time zone in the respective fields then click Continue to complete the workspace creation process.
After completion, you will be directed to the Getting Started page.
The next part of the UID setup process is installing the UID Agent application on your UniFi OS Console. You will be able to finish configuring your workspace after completing the initial setup.
Install the UID Agent application
The UID Agent application manages your UID services, such as UID WiFi, UID VPN, and UID Access.
Note: UID Agent can only be used by an Owner, Super Admin, Workspace IT Admin, Site IT Admin, or other admin-level users with UDM permissions.
Before installing the UID Agent application, please make sure that:
- Your UniFi OS Console's (e.g. UDM Pro) is up to date. UID Agent will be automatically be installed on consoles running Version 1.10.0 firmware or higher.
- Your console's public IP address matches the allowed public IP address, so it can connect to the UID Agent.
- The Fix Host Device Public IP and Restrict Host Device IP features are enabled by default. The former allows you to restrict user access to a single IP address or IP range. To manage your host device IP zone, go to UID Cloud > Security > Network Zones.
To install the UID Agent:
- Access your UniFi OS Console and go to System Settings > Updates. If you see UID Agent but it is not installed, click Install.
- If the installation process stalls or is taking too long:
- SSH into your UniFi OS Console using the commands corresponding to your console firmware version:
UDM with firmware version 1.10.0:
apt update & apt install uid-agent
- Reboot your UniFi OS with the following commands:
systemctl restart unifi-core
- SSH into your UniFi OS Console using the commands corresponding to your console firmware version:
- After the application is successfully installed, a pop-up will prompt you to start the UID Agent setup wizard. Click Learn More to start the setup wizard.
Note: If this pop-up prompt didn't appear, go to your console's Applications page and click the UID icon to start the setup wizard.
- Obtain and enter your Workspace Join Key:
Note: Only an Owner, Super Admin, or Site Admin can obtain a Workspace Join Key.
- Obtain your Workspace Join Key by opening your UID Admin Portal in a new browser tab.
- Enter your workspace domain and log in with your credentials.
- Go to Settings > UniFi OS Console > UID Agent Token > Create UID Agent Token.
- Enter the UID Agent Token Name. This can be any custom word or phrase of your choice.
- Click Next to obtain the Workspace Join Key.
- Go back to the UID Agent setup wizard, enter the Workspace Join Key, and click Next.
- Select or create a site:
- To select an existing site, select it from the drop-down menu.
- To create a new site, click Create a new site in the bottom-left corner of this screen, fill in the required details, and click Next.
- Import users into the UID application:
- If your UID application and UniFi OS Console are associated with the same email address, said address cannot be edited.
- If your UID application and UniFi OS Console are not associated with the same email address, the address can be edited. Following user importation, a UID invitation email will be sent to the specified address.
- If you leave the email address field blank, UniFi OS users will not be imported.
- If you would like to keep your existing UniFi OS users, click the checkbox visible on-screen. Alternatively, leaving this checkbox empty, all UniFi OS users except the owner of the UniFi OS Console will be deleted and not allowed to use the applications.
Note: All users imported to UID will be under the site created in the workspace activation process.
- If you have configured and used UniFi Access equipment and the Access application earlier, you can migrate your UniFi Access devices to UID by following the instructions on-screen.
- The UniFi Access devices must be online/active in order to import them into UID. The offline devices will not migrate to UID.
- At the moment, NFC cards and PIN codes set up in the UniFi Access application will not sync to UID. You will need to register them in the UID Agent application to avoid issues with door access.
Once the user importation is complete, the UID setup process will resume to completion. When it's finished, you can:
- Click Launch your-domain.com to go to your UID Cloud dashboard,
- Click View on UniFi Portal to visit your UniFi OS Dashboard, or
- Click Back to Device to open a page with additional information on the UID Agent application.
Configure your workspace
Once you've successfully registered your new workspace and set up the UID Agent application, you can configure your workspace's settings.
For more information on workspace configuration, see UID - Manage your workspace.
Access the UID Portal on a web browser
All users can access UID via the UID Login Portal (login.uid.ui.com or [your workspace domain].ui.com/login).
Employees will automatically be directed to the UID User Portal.
Admin-level users will be directed to the UID Manager Portal. However, they can also access the UID User Portal by clicking the rocket icon in the top menu bar.
Admins in the UID User Portal can return to the UID Manager Portal by opening the Applications page and clicking the UID Admin Portal icon.
Use the UID desktop applications and mobile apps
Log in to the UID User Portal and open to the Download page to install the web applications or mobile apps that are relevant to your user role.
All employees can use the UID web application and mobile app to unlock workspace doors and connect to company WiFi or VPNs.
For more information on the UID web application and mobile app, see UID - Employee guide to UID.
The UID Manager Portal and mobile app are designed to help workspace administrators manage users, door access, networks, and other UID services.
Single Sign-on (SSO) lets employees, partners, and customers obtain simple, fast, and secure access to all SaaS, mobile, and enterprise applications with a single authentication using corporate credentials.
Multi-factor Authentication (MFA) is an additional security layer to protect the user account, user behavior, application sensitivity, and other situational risks.
Lifecycle Management (LCM) lets you easily view and transition users between lifecycle states and automate user onboarding and offboarding procedures.
Universal Directory (UD) is a single place to manage and view all of your organization's users, groups, and devices. You can import users directly to UID or integrate with your existing directory (Active Directory, LDAP, G-Suite, CSV, BambooHR, and others).
UID WiFi is the easiest, fastest, and safest way to connect to your company WiFi.
UID VPN lets you access your organization's VPNs anywhere, anytime with a single click or tap.
UID Access lets you securely manage your UniFi Access system and devices, and allows employees to unlock doors with their phones, NFC cards, and other methods.
For a more detailed overview of these and other UID features, see UID - Use UID.
Frequently asked questions
I migrated to UID and now I can’t access my UniFi OS Console. What should I do?
This can happen when the Keep UniFi OS Users After Importation setting is not enabled during setup.
When this setting is enabled:
- UniFi OS users will retain the same roles and privileges as they did before.
- UniFi OS admins will still be able to access the Network and Protect applications via the UniFi OS Console’s IP address.
- Owners and admins will have read-only access to the UniFi Access application via the UniFi OS Console’s IP. They will not, however, be able to manage users and devices in the Access application. They must do that in the UID application.
When this setting is disabled:
- All UniFi OS users, except the Owner, will be deleted from the UniFi OS Console.
- Only the Owner will be able to access the UniFi OS Console via its IP.
- Other admins will have to go to the Host Device section of the UID settings in order to open the UniFi OS Portal and access the host console and its other applications.
- UID administrators (e.g., IT admins, Site Admins, Super Admins) will be synced to the UniFi OS Console and will be able to access the UniFi OS Console via its IP.
There are conflicts between RADIUS Service and UID Service.
If you already use RADIUS, you may encounter the following problems after upgrading to UID:
- The RADIUS users on your UDM Pro are deleted regularly.
- You cannot use or see your current VPN.
To fix these problems, you can try to:
- Change the account of other systems by adding an email alias, as this issue could be due to the user accounts in UID being the same as those in the existing RADIUS server.
- Disable UID WiFi.
- Disable RADIUS server.
- Use the same password for UID WiFi and RADIUS.
- Uninstall UID.
UID - Use UID
UID - Employee guide to UID
UniFi - Upgrade the Firmware of a UniFi device
UniFi - Set up a UniFi Dream Machine Pro
Intro to Networking - How to establish a connection using SSH
UniFi Access - Getting started