Skip to main content
A Sign In Module is an authentication method a guest can use on the Captive Portal. Sign In ships with a broad range of modules — from fully anonymous click-through onboarding to enterprise-grade SAML SSO — and you can combine and activate several of them at once on the same network, so different audiences get different sign-in flows. You configure modules at the Context level (credentials, integrations, display labels, timeouts). Five of the modules (Meeting Host, Email Self-Provisioning, SAML, Conferences, and Whitelisting) are additionally gated per-audience through Access Policies — the same Context can offer different gated modules to different guest groups.

The modules

Meeting Host

A visitor enters their name, their email, and the email of the employee hosting their visit. The host receives an approval request by email and approves or denies with one click. Once approved, the visitor is granted access for the duration set by the applicable Access Policy. Ideal for corporate lobbies and scheduled business visits. See Meeting Host.

Conference

A group-code sign-in designed for meetings and conferences. Each conference has its own code, active window, and visitor limits. The owner of the conference distributes the code to attendees however suits the setting — meeting invite, slide deck, lobby signage. See Conference.

Click-to-Connect

Seamless guest WiFi with a single click. The guest confirms the Terms and Conditions and is immediately connected — no credentials, no approvals, no extra steps. Ideal for cafés, hotels, shopping malls, and public spaces where speed and simplicity matter. This is the same module as Quick Access in the admin — Click-to-Connect is the product name, Quick Access is the admin label.

Self-Provisioning via Email

Guests enter their email address and receive a verification link. Clicking the link grants extended access per the applicable Access Policy. Administrators control session duration, device quotas, and which email domains are acceptable. See Self-Provisioning by Email.

Self-Provisioning via SMS

Guests enter a mobile phone number and receive a one-time PIN by SMS. They enter the PIN on the portal and gain access. A secure, streamlined login that doesn’t require account creation ahead of time. See SMS.

BYOD with SAML SSO

Guests sign in with their existing corporate account — Microsoft Entra ID, Google Workspace, Okta, or any other SAML 2.0 identity provider — instead of creating new WiFi credentials. Ideal for partners, contractors, and long-term visitors who already have corporate accounts. See SAML SSO.

Password-Based (Static & Subscription)

Shared passwords that can be either static (a fixed value you change on your own schedule) or subscribed (automatically rotating on a daily, weekly, or monthly interval). Subscriptions can be displayed on a public URL — useful for lobby signage or digital information screens. See Password.

Username & Password

Each guest has an individual account with a unique username and password. Administrators create accounts manually or via API. Useful for returning users, staff, and long-term contractors. See Username & Password.

RADIUS

Delegate sign-in to an external RADIUS server — typically a library system, visitor registration system, or any other credential source reachable over RADIUS. Sign In acts as the RADIUS client. See RADIUS.

Event Access

A pass-through sign-in option that grants network access without verification, redirecting the guest to a predefined URL. Useful for ticketed events, conferences, and venues where guest identification isn’t required. See Event Access.

Whitelist (headless devices)

Pre-approve a device by MAC address so it gets network access without interacting with the Captive Portal. The right approach for printers, IoT sensors, signage, and other devices that can’t sign in interactively. See Whitelist.

Quick Access

One-click sign-in for low-friction flows — the guest accepts the Terms and Conditions and is connected immediately. This is the admin-side name for the Click-to-Connect feature described above. See Quick Access.

How a module is turned on

Three things must line up:
  1. The module is activated in the Context — from Sign In Modules → module name click the teal Activate <module> Login Module button in the Status card on the top-right.
  2. For policy-gated modules (Meeting Host, Email Self-Provisioning, SAML, Conferences, Whitelisting), the module is enabled by an Access Policy that applies to the guest.
  3. Any module-specific prerequisites are in place — an SMS provider, a SAML IdP, a RADIUS server, and so on.
If any of these is missing, the module won’t be available to the affected guest.

Picking the right module

A quick decision heuristic:
  • Guests already have corporate accounts → SAML SSO for BYOD, RADIUS if identity lives in a RADIUS-backed system.
  • Guests are unknown and you want self-service → Self-Provisioning by Email or SMS.
  • You want a host to vouch for visitors → Meeting Host.
  • Recurring meetings or groups → Conference.
  • Low-friction short visits → Click-to-Connect or Quick Access.
  • Events with a defined audience → Event Access.
  • Shared WiFi for a defined population → Password-Based.
  • Headless devices → Whitelist.
  • Managed user accounts → Username & Password.

Access Policies

Control which modules are offered to whom, under which rules.

Quickstart

Walk through enabling your first module.