Using Conditional Access for Applications on Windows computers

Read this page to learn how to access your company applications if they are protected by Portnox™ Conditional Access for Applications.

To access your protected company applications, you must do the following:

  • Download and install Portnox AgentP on your device.

  • Log in to Portnox AgentP using your company credentials.

  • Select your certificate when accessing the company application through the browser.

These steps are described in detail in the sections below:

Download and install Portnox AgentP

First, you must download and run the installer for the Portnox AgentP application, which will communicate with Portnox Conditional Access and generate the certificate for your computer.

  1. Click on the following link or open your browser and type the following address in the Web address field: clear.portnox.com/agentinstall.

    Result: Your browser opens the page that lets you download the Portnox AgentP application to your computer.

  2. Scroll down the Download Portnox AgentP page to the tiles for the Windows operating system and click on the Download for Windows (*.exe) tile to download the generic Windows installer.
    Note: Other versions: *.msi for x64 and *.msi for x64 are there for administrators who want to distribute AgentP using endpoint management systems, not for end-users.

    Note: The screenshot above and further screenshots show the Microsoft Edge browser, which is the default browser in Windows. The page will look very similar in any other browser, such as Google Chrome. You can use the browser of your choice.

    Result: Your browser downloads the Portnox AgentP application installer to your browser’s default download folder.

  3. Click on the Open file link in the browser pop-up that shows the downloaded installer or double-click on the installer file (PortnoxAgentP.exe) in the Windows Explorer window in the relevant directory.

    Result: The Portnox AgentP Setup wizard opens.

  4. In the User Account Control window, click on the Yes button.

    Result: The Installing window with a progress bar appears. It closes automatically after AgentP is installed.

Log in to Portnox AgentP using your company credentials

After you download and install the Portnox AgentP application, run it and log in to it using your regular company credentials.

By default, Windows will run the Portnox AgentP application as soon as it is installed. If not, you can run it manually.

  1. If the Portnox AgentP application is not running, run it manually: click on the Windows Start menu button and select Portnox AgentP.

    Result: If you haven’t configured AgentP before or if you configured and deactivated it, it opens the AgentP configuration wizard.

  2. In the Welcome to Portnox AgentP window of the AgentP configuration wizard, click on the Automatically (recommended) button. If this button is not available, click on the Corporate account button.

  3. If you clicked on the Automatically (recommended) button, in the next step, click on the User mode tile.
    Note: Your company IT support staff may ask you to click on the Kiosk mode tile instead.

    Important: If you clicked on the Automatically (recommended) button, you will be logged in and you can skip the next steps in this section. If the Automatically (recommended) button is not available, click on the Corporate account button and do the next steps.
  4. In the Choose your account type window of the AgentP configuration wizard, follow the steps depending on how you normally log in to your company applications.
    • If your company uses Microsoft Azure for its employees, click on the Azure button.
    • If your company uses Google Workspace for its employees, click on the G suite button.
    • If your company uses Okta Workforce Identity for its employees, click on the Okta button.
    • If you don’t recall hearing any of these platform names before when logging in to your company apps, consult with your company’s IT support staff or click the Other button and then enter your company email and password in the Login and Password fields, and then click on the Register button.

    Important: The following steps and screenshots assume that your company uses Microsoft Azure, which is the most popular platform. These steps will look similar if your company uses other platforms.
  5. If your company uses Azure, in the Sign in window, enter your business email address. Then, click on the Next button.

    Note: The screenshot above is an example, where your company name is Example and your company domain is example.com. Use your real business email address instead.

    Troubleshooting: If you see a button with your email address on it, it means you are already logged in to Microsoft Azure. Click on that button instead of entering your email address.

  6. If your company uses Azure, in the Enter password window, enter the password that you normally use to access your company email and applications. Then, click on the Sign in button.

    Troubleshooting: If you cannot log in, and you are sure that your password is correct, go back to the Register your device step and try a different choice or ask your company’s IT support staff what platform your company uses to authenticate the employees.

  7. If your company uses Azure, and a Stay signed in? window appears, follow the company policy and/or your preferences to choose Yes or No.

    Note: Your choice will not affect your access to applications but if you choose No, you may have to log in again the next time you will be accessing the applications.

Result: You are logged in to Portnox AgentP. AgentP silently requested and downloaded the certificate for your device, which you will later use to log in to applications.

Important: You can click on the x icon in the top-right corner of the AgentP window to minimize it but do not exit AgentP. Make sure to always keep the Portnox AgentP application running in the background. You can check if AgentP is running in the background by looking for the AgentP icon in the notification area (system tray).

Access the application using your certificate

After you log in to the Portnox AgentP application, you can access your online company resources that are protected by Portnox Conditional Access.

Note: In this example, we are logging in to the Atlassian Confluence/Jira application using the Chrome browser. The process is similar for all other applications protected using Portnox Conditional Access for Applications. We tested Conditional Access on the following browsers: Chrome, Edge, Firefox, Brave, Vivaldi, Opera.
  1. Open your company application.

    Proceed normally as if you were opening the application before it was protected using Portnox Conditional Access. For example, for Atlassian Confluence, you could type your_company.atlassian.net in your browser address field, where your_company is your company name.

  2. Enter your company email address or click on the Conditional Access button. Choose one of the following options:

    • If the application login screen does not have a button that says Log in with Conditional Access or Log in with your company name, enter your business email address. This is an example for Atlassian Confluence/Jira:

    • If the application login screen has a button that says Log in with Portnox Conditional Access or similar, such as: Log in with your company name, click on this button. This is an example for Salesforce:

    • If the application has a button that says SSO, click on this button. This is an example for Zoom:

    Result: Your browser may show a window asking you to select a certificate.

  3. In the Select a certificate for authentication window, click on the certificate, and then click on the OK button.
    Note: Our application always attempts to select the certificate automatically so this window may not appear for you. If it appears, it means that our application was not able to select the certificate automatically, for example, due to there being more than one certificate or due to operating system or browser restrictions.

    Troubleshooting: You must click on the certificate before you can click on the OK button. If you have more than one certificate, select the certificate that has the name Portnox, or consult with your company’s IT support staff. If there are any errors, close all your browser windows and restart your browser. If that does not help, consult our troubleshooting guide.

Result: You can now access your company applications that are protected using Portnox Conditional Access for Applications.