Approve or reject another agent's zero trust signature key

Agents in Admin or Super Admin role with a signature key can approve or reject other agents' requests for a key.

Every agent in a company can have their own unique signature key to perform sensitive tasks, such as remote controlling devices. This also means that it bears great responsibility to manage signature keys.

Remember:

The first agent who creates a key does not need approval.
Remember: As best practice, it is strongly recommended that an agent in with admin or super admin role should create the first key. This is important because only users in admin or super admin roles can approve subsequent signature key requests.
Credentials that allow you to access a device are not stored in LogMeIn Resolve. Without these credentials, potential hackers can't take over or run PowerShell commands on your remote devices.
For information on changing user roles, see Change a user's role in the admin portal

Here's how admins can approve a signature key request:

In the Console, select your profile icon in the top-right corner.
Select Manage zero trust.
Under Pending keys, find the agent whose request you want to approve.

Admin's view of the zero trust page

Tip: Having a different view?
That could be because you have Member role in your organization. For information on the differences between roles, see About the relationship between zero trust and user roles in LogMeIn Resolve
Depending on whether you want the selected agent to use zero trust, select Approve or Reject.
When you reject a user's request, they can still create a new signature key request from scratch.
When you approve a signature key, ask the agent for their verification code that they received when creating a new signature key. Verify that you've asked the requester for their verification code and that it matches the code displayed.

Important: As an approver, it is your responsibility to decide who you allow to perform sensitive tasks in LogMeIn Resolve.
Click Approve request.
Type your signature key and click Proceed.
Optional: To select how often to be prompted for your signature key in your current browser, select Prompt frequency and choose the option that best suits you:
- Upon each sensitive task - Type your key every time you perform a sensitive task. This is the default setting.
- Once a day - Type your key once every 24 hours. For example, if you type your key at noon, then you can perform sensitive tasks until noon the following day without typing your key again.
- Once a week - You can use your key to perform sensitive tasks for one week, that is for 168 hours.
Remember:
- Frequency settings apply to your current browser only. When you sign in to the Console in two separate browsers, your frequency settings will differ.
- Upon log out or when you change your signature key, your frequency setting defaults to prompting for a key every time you perform a sensitive task, regardless of which frequency option you chose.
- As an admin, you can restrict the prompt frequency options that agents can choose. To do so, in GoTo Admin, go to Settings > Zero trust status and on the Settings tab, toggle the options that best suits you.

Results: The agent receives an email when the key is approved.

Note: As an admin, you can view whether users of your organization have set up zero trust keys. See View the zero trust status of users in GoTo Admin

Article last updated: 14 October, 2022

You are viewing the latest version of this article.

Approve or reject another agent's zero trust signature key

Collaboration Products

GoTo Connect

GoTo Meeting

GoTo Webinar

GoTo Training

join.me

Grasshopper

OpenVoice

Remote Solutions Products

GoTo Resolve

Rescue

GoToAssist

Access Products

Pro

Central

GoToMyPC