MYID Self Verify is the employee-facing mobile and admin layer for enterprise identity operations. It works with existing identity providers, SIEM/XDR tools, EDR platforms, directories, OTP routes, email, SMS, push notification services, and secure on-premise connectivity so users can sign in, manage their identity, recover access, review incidents, and let policy-controlled Autopilot protect the account when they do not respond.
The v2 codebase is split into an employee Flutter app, a Java server/API layer, and an SSO-protected admin console. Together they give users controlled self-service while giving admins tenant readiness, integration testing, launch controls, and audit visibility.
Employees scan or enter a company code, load sanitized tenant bootstrap settings, and sign in against the configured identity provider.
Users get password login, biometric fast path, refreshable sessions, push registration, widgets, and iOS Live Activities.
Manage flows include password change/reset, profile updates, MFA factor list and enrollment, AD unlock, and recent activity lookup where enabled.
Users can review open incidents tied to them, inspect details, confirm recognized activity, deny suspicious activity, and record a response.
Organizations define response timers and consent rules. If enabled, MYID can record non-response and trigger configured protection actions.
Admins configure company integrations, test providers, see logs, track readiness gates, and issue onboarding only when required checks pass.
MYID lets employees handle the actions they naturally expect from a modern mobile identity app while the server enforces provider policy, step-up checks, audit logging, and tenant capability flags.
Users can change or reset passwords through provider-aware flows, with OTP or challenge verification when configured.
Users can review factors, delete or disable stale factors where provider APIs allow it, and enroll SMS or email factors through MYID-managed steps.
Users can clear routine Active Directory lockouts after verification, while IT keeps control of policy, logging, and allowed action boundaries.
Recovery contact data and selected profile attributes can move out of ticket queues and into controlled user self-service where the connected provider supports writeback.
MYID Protect turns security incidents into plain-language mobile workflows. The user can confirm recognized activity, deny suspicious activity, or let the timer expire into tenant-approved Autopilot behavior.
Identity and security events are ingested, polled, cached, and matched to the user where possible.
MYID sends push notifications and routes the user directly into incident review after authentication.
The user confirms or denies activity tied to their own account; MYID records the response.
If denied or unanswered, MYID runs configured protection actions and stores provider results.
You decide the response window. One minute, five minutes, an hour, or up to 30 days. If the user denies an incident or does not respond, MYID records the decision path and runs the protection actions configured for that tenant.
Autopilot is not a black box. Each customer chooses whether it is disabled, enforced, or user-selectable, what response timer applies, and which remediation actions are allowed by the connected provider stack.
User responses, non-responses, incident context, remediation attempts, and provider results are recorded so IT and security can review what happened without chasing screenshots or ticket comments.
MYID Admin is protected by enterprise SSO and gives SPS/customer admins a control plane for tenants, integration slots, connection tests, launch readiness, logs, and company QR onboarding.
MYID is designed for environments where identity, security monitoring, endpoint posture, and directory infrastructure need a user-facing mobile workflow and admin launch process.
MYID turns identity recovery and identity risk into guided, verified user workflows backed by your existing systems and your organization's policy.