跳转至

Log in to the platform(登录平台)

The Palantir platform supports SSO authentication and passwordless login using passkeys. If your organization uses SSO, proceed with the steps from your SSO provider. To learn more, refer to the authentication documentation. To log in to the platform with a passkey or manage your passkeys, review the sections below.

Set up and configure a passkey

To configure and log in with a passkey, you must first receive an email from Palantir titled "Set up your Palantir account and log in". This email will contain a one-time password and a link to set up your account. You will be prompted to verify your phone number and create a passkey, which you can then use to log in. Review the sections below for more detailed instructions.

When configuring a passkey, you will have various storage options:

  • Save a passkey to the device you are using: Depending on your device and browser, the options to save a passkey on the device you are using will vary. For example, if you are using an iPhone, you can save the passkey to your iCloud Keychain, and if you are using Google Chrome, you can save the passkey to your Chrome profile or to the Google Password Manager. It is up to you to select your preferred credential store. This may be the one you are most familiar with, or the one that offers the easiest identity verification option for you.
  • Save a passkey to a security key: Security keys are physical devices that enhance account security by adding an extra layer of authentication. When you save a passkey to a security key, you will need to insert the security key and enter your PIN and/or touch the security key's sensor every time you need to log in.
  • Save a passkey to a mobile device: When you save a passkey to a mobile device, you will need to scan a QR code with that device to log in. You will also be able to log in directly from that device without scanning a QR code. For example, if you add a passkey from a laptop and save it on your mobile device by scanning a QR code, the stored passkey can be used to log in directly from that mobile device. Ensure that Bluetooth is enabled on your device(s) when using this option.

Note that some devices may automatically offer the default option for storing a passkey, such as Windows Hello or iCloud Keychain. You do not need to choose the device's default option to store your passkey. You have the option to back out of the default dialog and select your preferred passkey storage option.

You do not need to use a specific authentication application. Your device's built-in security features such as facial recognition or fingerprint scanning can be used along with your device's native camera.

Depending on your device, the option to select a security key or a mobile device may appear slightly differently. For example, on iOS, the option may read iPhone, iPad, or Android device and list security key separately, while other devices may read Use a phone, tablet, or security key. Read the options carefully and select the option that reflects your desired passkey storage method.

:::callout{theme="warning" title="Device and browser support"} Ensure that your mobile device and browser are supported before attempting to store a passkey. The following versions are supported for iOS and Android devices:

  • iOS devices: The latest version of iOS and one prior version are supported. For example, If the latest version of iOS is iOS 18, iOS 18 and 17 are supported.
  • Android devices: Devices running Android 13 and later are supported.

    The Palantir platform is fully supported on Google Chrome and Microsoft Edge versions released within the last six months. Mobile usage requires Google Chrome, Microsoft Edge, or Apple Safari. For best results, use Google Chrome or Microsoft Edge if possible. :::

Follow the instructions below to continue configuring your passkey:

  1. Navigate to the email from Palantir titled "Set up your account and log in", and select the Set up account option.

    The 'Set up your Palantir account' email.

  2. Enter the email address that you used to register and the temporary password included in the email, then select Next.

    The email and one-time password form.

  3. Enter your first and last name, then choose between verifying your account with SMS or with a phone call.

    The 'Create your account' form.

  4. Verify your phone number by entering the six digit authentication code provided by SMS or phone call. If you did not receive a verification code through SMS or phone call, select Resend code under the verification number input.

    The input used to verify your phone number.

  5. If you were invited to an existing enrollment, agree to the terms and conditions to proceed. Otherwise, skip to step 6.

    Agree to the terms and conditions.

  6. Select Add passkey.

    Select the 'Add passkey' option.

  7. Select a destination to save your passkey, then follow the on-screen instructions. Your device may automatically suggest the default credential store, but you can choose a different option by selecting Save another way. Pay special attention to whether your passkey will only be available on one device.

    The option to 'Save another way' when creating a passkey.

  8. Save a passkey to the device you are using: Select your preferred credential store and follow the instructions on your device to verify your identity. This may involve a fingerprint scan, facial recognition, or entering a PIN. Choose a credential store that you are familiar with, or one that offers the easiest identity verification option for you.
  9. Save your passkey to a security key: Select Use a phone, tablet, or security key. You will then need to insert the security key and enter your PIN and/or touch the security key's sensor.
  10. Save your passkey to a mobile device: Select Use a phone, tablet, or security key. Then, scan the QR code with your mobile device's camera and follow the instructions on your mobile device to verify your identity.

    The create passkey dialog.

  11. To avoid issues, ensure that you are using a supported browser.
  12. Once your passkey has been successfully added, you will see the following screen:

    The 'Passkey successfully added' message.

Now that you have successfully configured a passkey, follow the instructions below to log in with your passkey.

Log in with a passkey

To log in with a passkey, review the section below that applies to your situation. If you navigated away from the login page and do not remember the URL, check your registration email. After successful creation of a passkey, you will receive an email titled "Your Palantir account was successfully set up". Select the Log in option in this email to navigate to the platform login page.

Log in with a passkey stored on your device

If your passkey is stored on the same device that you are using to log in, follow the instructions below.

  1. On the Palantir login page, enter the email address that you registered with and select Next.
  2. Select Use passkey to log in to your account using the passkey stored on your device. Your device will automatically recognize that a passkey is configured for this URL and guide you to verify your identity.
  3. Follow the on-screen passkey instructions to unlock your device and select your passkey. This may involve facial recognition or a fingerprint scan to verify your identity. Once verified, you should have access to the platform.

Log in with a passkey stored on a mobile device

If your passkey is stored on a mobile device that is not the device you are using to log in, follow the instructions below.

  1. On the Palantir login page, enter the email address you registered with and select Next.
  2. Select Use passkey, then Use a phone, tablet, or security key. Select Continue.
  3. A QR code will appear on screen, which you can scan from the mobile device where your passkey is stored. After you scan the QR code, follow the instructions on your mobile device to verify your identity. After verification, you should have access to the platform.

Log in with a passkey stored on a security key

If your passkey is stored on a security key, follow the instructions below.

  1. On the Palantir login page, enter the email address you registered with and select Next.
  2. Select Use passkey, then Use a phone, tablet, or security key. Select Continue.
  3. A dialog will appear on screen instructing you to insert the security key and enter your PIN and/or touch the security key's sensor. After following the instructions, you should have access to the platform.

Add additional passkeys

We recommend that you add more than one passkey to your account as backup. You may add up to four passkeys per account, but you may only have one passkey per credential store. This means that you can only store one passkey in Windows Hello, iCloud Keychain, Samsung Pass, or other credential store. If you are attempting to create a new passkey, ensure that you do not already have a passkey stored with that credential store. For example, if you have already stored a passkey in your iCloud Keychain, attempting to store a second passkey in your iCloud Keychain will result in an error.

Before adding additional passkeys, make sure that existing passkeys have descriptive names to avoid confusion. A good naming convention for passkeys is the device it was created on plus the credential store, for example, "Work Laptop Chrome" or "Personal iPhone Keychain".

:::callout{theme="warning"} Passkey names are visible to your organization's administrators during account lockout recovery. Do not include personal or sensitive information in passkey names. :::

To add an additional passkey to your account, select Account at the bottom of the right toolbar, then select Settings. On the settings page, navigate to the User settings section on the top right and select Authentication. You can also access the authentication page using the following URL:

<your-enrollment-URL>/workspace/settings/authentication

Authentication settings

On the Authentication page:

  1. Select the Add a passkey option.
  2. You may be asked to re-authenticate before adding an additional passkey.
  3. Select a destination to save your passkey, then follow the on-screen instructions.
  4. To save your passkey on the device you are using, select your preferred credential store and follow the instructions to verify your identity.
  5. To save your passkey on a security key or mobile device, select Use a phone, tablet, or security key. You will then need to scan the QR code with your desired mobile device, or insert a security key and enter your PIN and/or touch the security key's sensor.

Remove a passkey

To remove a registered passkey, select Account at the bottom of the right toolbar, then select Settings. On the settings page, navigate to the User settings section on the top right and select Authentication. You can also access the authentication page using the following URL:

<your-enrollment-URL>/workspace/settings/authentication
  1. Use the Actions dropdown menu next to the passkey you would like to remove.
  2. Select Delete, then Confirm you want to remove the passkey. Once removed, you will no longer be able to use this passkey to log in.
  3. After deleting a passkey from the platform, navigate to the credential store that the passkey is stored in and delete it there as well. If you do not delete the passkey from the credential store, you will not be able to register a new passkey with that credential store.

Reset your account

If you cannot access any of your passkeys, depending on your enrollment type, you can use the self-service passkey reset or contact an enrollment administrator. To avoid this scenario, we recommend registering at least two passkeys in case access to one passkey is lost. Make sure to add descriptive names for your passkeys for easy identification.

If you created your enrollment, use the Reset passkey option found on the login page below the login form and complete the verification steps. Depending on your enrollment, this passkey reset may be immediate, or it may be submitted for review.

If you were added as a user to an existing enrollment, contact your enrollment administrator to manage your passkeys.

Support

If you have trouble accessing your account, select the Need help? link under the login form and fill out the form on the AIP/Developer Tier support page.

Provide the following information to help us identify the problem:

  • The browser you are using, for example, Google Chrome, Microsoft Edge, or Firefox.
  • The kind of device you are using; this could be a Macbook, Windows PC, iPhone, or Android device.
  • The device you are saving the passkey to; this could be the device you are using, a separate mobile device, or a security key.
  • The credential store you are using, such as Windows Hello, Samsung Pass, or iCloud keychain.

We recommend that you maintain at least two different passkeys for your account. For example, you can store one passkey on your phone and one in your Chrome profile.

On Windows computers, we recommend the following approaches to managing passkeys:

On a macOS device, you can create and store passkeys that are synced across your devices using iCloud:

On mobile devices, you can create and store passkeys in Google Password Manager or iCloud keychain:

Troubleshooting

Lost access to passkeys

If you cannot access any of your passkeys, your account needs to be reset. This process may vary depending on whether you created your own enrollment, or if you were added to an existing enrollment. For detailed instructions, refer to the account reset section.

My one-time password is expired

If your one-time password (OTP) expired before you were able to configure your account, you must request a new one. If you were added to an existing enrollment, contact your enrollment administrator for a new OTP.

If you created your own enrollment, navigate to the email from Palantir titled “Set up your Palantir account and log in”. Select the Set up account option to open the Welcome to AIP page. Here, you can select the Need help? link under the sign in form and fill out the support form to request a new OTP.

Unable to create a passkey

There are multiple reasons why a passkey may fail to register, including verification time out, failure to authenticate before passkey creation, or connection issues with the device where you are trying to store the passkey. Ensure that you verify your identity within the time window, and that bluetooth is enabled on your device(s).

If you are still having issues, ensure that you do not already have a passkey for this account in the credential store you are trying to use. For example, if you delete an existing Windows Hello passkey from the platform, then attempt to register a new Windows Hello passkey before deleting the old one from your device, you will get an error. You must first delete existing passkeys from a given credential store (for example, iCloud Keychain, Windows Hello, or Google Password Manager) before you can store a new passkey in that credential store.

Some devices may need to have certain features enabled in order to store passkeys.

  • On Apple devices, enable iCloud Keychain in System Settings and ensure that your settings allow passkeys to be synced across devices. For more information refer to the iCloud Keychain documentation ↗.
  • On Android devices, the screen lock feature must be enabled. The presence of a screen lock is a prerequisite for using passkeys on Android devices for security reasons. For more information refer to the Android screen lock documentation ↗.

Each device, browser, or operating system has its own default credential store, such as iCloud Keychain or Samsung Pass. Ensure that the credential store of your choice is enabled on your device.

Passkey not working on mobile

Some passkeys are device-specific and will only work when you use the device on which they are stored. These device-specific passkeys will alert you during creation that they can only be used on one device. Other passkeys may be accessible on multiple devices, such as passkeys stored in password managers. To ensure that you are able to use passkeys across devices, make sure that you have enabled autofill for the credential store provider on your device(s).

For example, if you wish to use Google Password Manager passkeys on multiple devices, Google Password Manager must be enabled as the autofill provider in your device settings. For more information on using Google Password Manager passkeys across devices, visit the official Google Password Manager documentation ↗.

Forgotten username

Your username is the email account you used to register for a Palantir account. The first email you will receive from Palantir is titled “Set up your Palantir account and log in”. Search your email account(s) for this email to verify that you have the right account.

Client-side passkey issues

If you are having issues with passkeys and are not sure whether this is due to the Palantir platform or software/hardware limitations, you can test whether you are able to use passkeys in general on webauthn.io ↗. Register and use a passkey on this site to identify whether passkeys work on your device. If you are still having issues, or the issue appears to originate from the Palantir platform, select the Need help? link under the sign in form and fill out the form on the AIP/Developer Tier support page to get help with your issue.

In some cases, a browser or operating system may be too outdated to support passkeys. Ensure that you are using an updated operating system and a browser such as Google Chrome, Microsoft Edge, or Apple Safari, with a version that has been released in the past six months. Review our supported browsers for more information.

My organization does not support passkeys

If your organization does not support physical or digital passkeys in any capacity, it may not be possible to create a self-service Palantir account, including AIP Developer Tier accounts. If you will be attending a Palantir event and require access to the platform, contact the event organizer to check if compatible hardware can be provided for you.

Phone number is unavailable

During account creation, you will be asked for a phone number. If you get the error message Phone number is unavailable, you will need to enter a different number. Phone numbers can only be used once per enrollment.

Email domain restrictions

Your enrollment may restrict which email domains can be used to register or log in. If your email domain is not permitted, you may encounter an error during sign-up indicating that your domain is restricted or that your invitation is no longer valid. During login, domain restrictions may result in a general login failure without additional details.

This can occur when an enrollment administrator updates domain restrictions after an invitation was sent or after your account was created. If you previously had access or received an invitation link that is no longer working, contact your enrollment administrator to verify which email domains are currently permitted and to request a new invitation if needed.

The authenticator used to register the passkey is not allowed

If you are using an outdated operating system or browser, you may receive the following error when trying to use a passkey:

The authenticator used to register the passkey is not allowed or its details could not be read.
Please confirm you are using a supported browser before trying again.

Passkeys from outdated operating systems or browsers are blocked for security reasons. To resolve this issue, update your operating system or browser, or use a device with up-to-date software. Ensure that you are using a supported browser to avoid issues.

Passkey does not meet security requirements

Some enrollments enforce security policies that restrict which types of passkeys can be used. If your passkey does not satisfy these requirements, you will encounter an error when attempting to log in or register a new passkey indicating that the passkey does not meet the enrollment's security requirements. If a policy was changed after you registered your passkey, the error may indicate that it no longer meets the requirements.

This typically means your enrollment requires specific authenticators, such as hardware security keys, rather than built-in device passkeys. If you have multiple passkeys registered, try using a different one. Contact your enrollment administrator to confirm which passkey types are approved for your enrollment.


中文翻译

登录平台

Palantir 平台支持SSO认证(Single Sign-On)和使用通行密钥(passkey)的无密码登录。如果您的组织使用SSO,请按照SSO提供商的步骤操作。如需了解更多信息,请参阅认证文档。如需使用通行密钥登录平台或管理您的通行密钥,请查看以下章节。

设置和配置通行密钥

要配置并使用通行密钥登录,您必须首先收到一封来自Palantir的标题为"设置您的Palantir账户并登录"的电子邮件。该邮件将包含一个一次性密码(one-time password)和一个用于设置账户的链接。系统将提示您验证电话号码并创建通行密钥,之后您便可以使用该密钥登录。请查看以下章节获取更详细的说明。

在配置通行密钥时,您将拥有多种存储选项:

  • 将通行密钥保存到当前使用的设备: 根据您的设备和浏览器,将通行密钥保存到当前设备上的选项会有所不同。例如,如果您使用的是iPhone,可以将通行密钥保存到iCloud钥匙串(iCloud Keychain);如果您使用的是Google Chrome,可以将通行密钥保存到Chrome配置文件或Google密码管理器(Google Password Manager)。您可以根据自己的偏好选择凭证存储库(credential store)。这可能是您最熟悉的存储库,或者是最便于您进行身份验证的存储库。
  • 将通行密钥保存到安全密钥(security key): 安全密钥是物理设备,通过增加额外的认证层来增强账户安全性。当您将通行密钥保存到安全密钥时,每次登录都需要插入安全密钥并输入PIN码和/或触摸安全密钥的传感器。
  • 将通行密钥保存到移动设备: 当您将通行密钥保存到移动设备时,需要使用该设备扫描二维码(QR code)来登录。您也可以直接在该移动设备上登录,无需扫描二维码。例如,如果您在笔记本电脑上添加通行密钥并通过扫描二维码将其保存到移动设备上,那么存储的通行密钥可用于直接从该移动设备登录。使用此选项时,请确保您的设备已启用蓝牙(Bluetooth)。

请注意,某些设备可能会自动提供存储通行密钥的默认选项,例如Windows Hello或iCloud钥匙串。您不必选择设备的默认选项来存储通行密钥。您可以选择退出默认对话框,并选择您偏好的通行密钥存储选项。

您无需使用特定的认证应用程序。您设备的内置安全功能(如面部识别或指纹扫描)可以与设备的原生摄像头一起使用。

根据您的设备,选择安全密钥或移动设备的选项可能略有不同。例如,在iOS上,选项可能显示为iPhone、iPad或Android设备,并将安全密钥单独列出;而其他设备可能显示为使用手机、平板电脑或安全密钥。请仔细阅读选项,并选择反映您所需通行密钥存储方式的选项。

:::callout{theme="warning" title="设备和浏览器支持"} 在尝试存储通行密钥之前,请确保您的移动设备和浏览器受支持。iOS和Android设备支持以下版本:

  • iOS设备: 支持最新版本的iOS及其前一个版本。例如,如果iOS的最新版本是iOS 18,则支持iOS 18和17。
  • Android设备: 支持运行Android 13及更高版本的设备。

    Palantir平台完全支持过去六个月内发布的Google Chrome和Microsoft Edge版本。移动端使用需要Google Chrome、Microsoft Edge或Apple Safari。为获得最佳效果,请尽可能使用Google Chrome或Microsoft Edge。 :::

请按照以下说明继续配置您的通行密钥:

  1. 找到来自Palantir的标题为"设置您的账户并登录"的电子邮件,然后选择设置账户选项。

    '设置您的Palantir账户'电子邮件。

  2. 输入您注册时使用的电子邮件地址以及邮件中包含的临时密码,然后选择下一步

    电子邮件和一次性密码表单。

  3. 输入您的名字和姓氏,然后选择通过短信(SMS)或电话呼叫验证您的账户。

    '创建您的账户'表单。

  4. 输入通过短信或电话呼叫提供的六位认证码来验证您的电话号码。如果您没有通过短信或电话呼叫收到验证码,请在验证码输入框下方选择重新发送验证码

    用于验证电话号码的输入框。

  5. 如果您被邀请加入现有注册(Enrollment),请同意条款和条件以继续。否则,请跳至步骤6。

    同意条款和条件。

  6. 选择添加通行密钥

    选择'添加通行密钥'选项。

  7. 选择保存通行密钥的目标位置,然后按照屏幕上的说明操作。您的设备可能会自动建议默认的凭证存储库,但您可以通过选择其他保存方式来选择不同的选项。请特别注意您的通行密钥是否仅在一台设备上可用。

    创建通行密钥时的'其他保存方式'选项。

  8. 将通行密钥保存到当前使用的设备: 选择您偏好的凭证存储库,并按照设备上的说明验证您的身份。这可能涉及指纹扫描、面部识别或输入PIN码。选择您熟悉的凭证存储库,或选择最便于您进行身份验证的存储库。
  9. 将通行密钥保存到安全密钥: 选择使用手机、平板电脑或安全密钥。然后您需要插入安全密钥并输入PIN码和/或触摸安全密钥的传感器。
  10. 将通行密钥保存到移动设备: 选择使用手机、平板电脑或安全密钥。然后,使用移动设备的摄像头扫描二维码,并按照移动设备上的说明验证您的身份。

    创建通行密钥对话框。

  11. 为避免出现问题,请确保您使用的是受支持的浏览器
  12. 成功添加通行密钥后,您将看到以下屏幕:

    '通行密钥已成功添加'消息。

现在您已成功配置了通行密钥,请按照以下说明使用通行密钥登录。

使用通行密钥登录

要使用通行密钥登录,请查看适用于您情况的以下章节。如果您离开了登录页面且不记得URL,请查看您的注册电子邮件。成功创建通行密钥后,您将收到一封标题为"您的Palantir账户已成功设置"的电子邮件。选择此邮件中的登录选项以导航到平台登录页面。

使用存储在设备上的通行密钥登录

如果您的通行密钥存储在您用于登录的同一设备上,请按照以下说明操作。

  1. 在Palantir登录页面上,输入您注册时使用的电子邮件地址,然后选择下一步
  2. 选择使用通行密钥,使用存储在您设备上的通行密钥登录您的账户。您的设备将自动识别已为此URL配置了通行密钥,并引导您验证身份。
  3. 按照屏幕上的通行密钥说明解锁您的设备并选择您的通行密钥。这可能涉及面部识别或指纹扫描来验证您的身份。验证通过后,您应该可以访问平台。

使用存储在移动设备上的通行密钥登录

如果您的通行密钥存储在移动设备上,而该设备并非您用于登录的设备,请按照以下说明操作。

  1. 在Palantir登录页面上,输入您注册时使用的电子邮件地址,然后选择下一步
  2. 选择使用通行密钥,然后选择使用手机、平板电脑或安全密钥。选择继续
  3. 屏幕上将出现一个二维码,您可以使用存储通行密钥的移动设备扫描该二维码。扫描二维码后,按照移动设备上的说明验证您的身份。验证通过后,您应该可以访问平台。

使用存储在安全密钥上的通行密钥登录

如果您的通行密钥存储在安全密钥上,请按照以下说明操作。

  1. 在Palantir登录页面上,输入您注册时使用的电子邮件地址,然后选择下一步
  2. 选择使用通行密钥,然后选择使用手机、平板电脑或安全密钥。选择继续
  3. 屏幕上将出现一个对话框,提示您插入安全密钥并输入PIN码和/或触摸安全密钥的传感器。按照说明操作后,您应该可以访问平台。

添加额外的通行密钥

我们建议您为账户添加多个通行密钥作为备份。每个账户最多可以添加四个通行密钥,但每个凭证存储库只能有一个通行密钥。这意味着您只能在Windows Hello、iCloud钥匙串、Samsung Pass或其他凭证存储库中存储一个通行密钥。如果您尝试创建新的通行密钥,请确保您尚未在该凭证存储库中存储通行密钥。例如,如果您已经在iCloud钥匙串中存储了一个通行密钥,尝试在iCloud钥匙串中存储第二个通行密钥将导致错误。

在添加额外通行密钥之前,请确保现有通行密钥具有描述性名称以避免混淆。通行密钥的良好命名规范是创建它的设备加上凭证存储库,例如"工作笔记本电脑Chrome"或"个人iPhone钥匙串"。

:::callout{theme="warning"} 通行密钥名称在账户锁定恢复期间对您的组织管理员可见。请勿在通行密钥名称中包含个人或敏感信息。 :::

要向您的账户添加额外的通行密钥,请选择右侧工具栏底部的账户,然后选择设置。在设置页面上,导航到右上角的用户设置部分,然后选择认证。您也可以使用以下URL访问认证页面:

<您的注册URL>/workspace/settings/authentication

认证设置

认证页面上:

  1. 选择添加通行密钥选项。
  2. 在添加额外通行密钥之前,系统可能会要求您重新进行身份验证。
  3. 选择保存通行密钥的目标位置,然后按照屏幕上的说明操作。
  4. 要将通行密钥保存到当前使用的设备,请选择您偏好的凭证存储库,并按照说明验证您的身份。
  5. 要将通行密钥保存到安全密钥或移动设备,请选择使用手机、平板电脑或安全密钥。然后您需要使用所需的移动设备扫描二维码,或插入安全密钥并输入PIN码和/或触摸安全密钥的传感器。

移除通行密钥

要移除已注册的通行密钥,请选择右侧工具栏底部的账户,然后选择设置。在设置页面上,导航到右上角的用户设置部分,然后选择认证。您也可以使用以下URL访问认证页面:

<您的注册URL>/workspace/settings/authentication
  1. 使用要移除的通行密钥旁边的操作下拉菜单。
  2. 选择删除,然后确认您要移除该通行密钥。移除后,您将无法再使用此通行密钥登录。
  3. 从平台删除通行密钥后,请导航到该通行密钥存储的凭证存储库,并在那里也将其删除。如果您不从凭证存储库中删除该通行密钥,您将无法使用该凭证存储库注册新的通行密钥。

重置您的账户

如果您无法访问任何通行密钥,根据您的注册类型,您可以使用自助服务通行密钥重置或联系注册管理员。为避免这种情况,我们建议至少注册两个通行密钥,以防丢失对一个通行密钥的访问权限。请确保为您的通行密钥添加描述性名称以便于识别。

如果您创建了自己的注册,请使用登录页面登录表单下方的重置通行密钥选项,并完成验证步骤。根据您的注册,此通行密钥重置可能是即时的,也可能需要提交审核。

如果您被添加为现有注册的用户,请联系您的注册管理员以管理您的通行密钥

支持

如果您在访问账户时遇到问题,请选择登录表单下方的需要帮助?链接,并在AIP/开发者层级支持页面上填写表单。

请提供以下信息以帮助我们识别问题:

  • 您正在使用的浏览器,例如Google Chrome、Microsoft Edge或Firefox。
  • 您正在使用的设备类型;可能是Macbook、Windows PC、iPhone或Android设备。
  • 您保存通行密钥的设备;可能是您正在使用的设备、单独的移动设备或安全密钥。
  • 您正在使用的凭证存储库,例如Windows Hello、Samsung Pass或iCloud钥匙串。

推荐的通行密钥类型和最佳实践

我们建议您为账户维护至少两个不同的通行密钥。例如,您可以在手机上存储一个通行密钥,在Chrome配置文件中存储另一个。

Windows计算机上,我们建议采用以下方法来管理通行密钥:

macOS设备上,您可以创建和存储通过iCloud在设备间同步的通行密钥:

移动设备上,您可以在Google密码管理器或iCloud钥匙串中创建和存储通行密钥:

故障排除

丢失通行密钥访问权限

如果您无法访问任何通行密钥,您的账户需要重置。此过程可能因您是创建了自己的注册,还是被添加到现有注册而有所不同。有关详细说明,请参阅账户重置部分。

我的一次性密码已过期

如果您的一次性密码(OTP)在您配置账户之前已过期,您必须请求一个新的密码。如果您被添加到现有注册,请联系您的注册管理员获取新的OTP。

如果您创建了自己的注册,请导航到来自Palantir的标题为"设置您的Palantir账户并登录"的电子邮件。选择设置账户选项以打开欢迎使用AIP页面。在此页面上,您可以选择登录表单下方的需要帮助?链接,并填写支持表单以请求新的OTP。

无法创建通行密钥

通行密钥注册失败的原因有多种,包括验证超时、创建通行密钥前身份验证失败,或与您尝试存储通行密钥的设备连接问题。请确保您在时间窗口内验证身份,并且您的设备已启用蓝牙。

如果您仍然遇到问题,请确保您尚未在尝试使用的凭证存储库中为此账户存储通行密钥。例如,如果您从平台删除了现有的Windows Hello通行密钥,然后在从您的设备上删除旧通行密钥之前尝试注册新的Windows Hello通行密钥,您将收到错误。您必须先从给定的凭证存储库(例如iCloud钥匙串、Windows Hello或Google密码管理器)中删除现有通行密钥,然后才能在该凭证存储库中存储新的通行密钥。

某些设备可能需要启用特定功能才能存储通行密钥。

  • 在Apple设备上,在系统设置中启用iCloud钥匙串,并确保您的设置允许通行密钥在设备间同步。有关更多信息,请参阅iCloud钥匙串文档 ↗
  • 在Android设备上,必须启用屏幕锁定功能。出于安全原因,存在屏幕锁定是在Android设备上使用通行密钥的先决条件。有关更多信息,请参阅Android屏幕锁定文档 ↗

每个设备、浏览器或操作系统都有其自己的默认凭证存储库,例如iCloud钥匙串或Samsung Pass。请确保您选择的凭证存储库已在您的设备上启用。

通行密钥在移动设备上无法使用

某些通行密钥是设备特定的,仅当您使用存储它们的设备时才能工作。这些设备特定的通行密钥在创建时会提醒您它们只能在一台设备上使用。其他通行密钥可能可在多台设备上访问,例如存储在密码管理器中的通行密钥。为确保您能够在设备间使用通行密钥,请确保您已在设备上启用了凭证存储库提供商的自动填充功能。

例如,如果您希望在多台设备上使用Google密码管理器通行密钥,则必须在设备设置中将Google密码管理器启用为自动填充提供商。有关跨设备使用Google密码管理器通行密钥的更多信息,请访问官方Google密码管理器文档 ↗

忘记用户名

您的用户名是您用于注册Palantir账户的电子邮件账户。您将从Palantir收到的第一封电子邮件标题为"设置您的Palantir账户并登录"。在您的电子邮件账户中搜索此邮件以确认您拥有正确的账户。

客户端通行密钥问题

如果您遇到通行密钥问题,并且不确定这是由于Palantir平台还是软件/硬件限制造成的,您可以在webauthn.io ↗上测试您是否能够正常使用通行密钥。在此网站上注册并使用通行密钥,以确定通行密钥是否能在您的设备上工作。如果您仍然遇到问题,或者问题似乎源自Palantir平台,请选择登录表单下方的需要帮助?链接,并在AIP/开发者层级支持页面上填写表单以获取帮助。

在某些情况下,浏览器或操作系统可能过于陈旧而无法支持通行密钥。请确保您使用的是更新的操作系统和浏览器,例如Google Chrome、Microsoft Edge或Apple Safari,且版本在过去六个月内发布。查看我们的受支持的浏览器以获取更多信息。

我的组织不支持通行密钥

如果您的组织完全不支持物理或数字通行密钥,则可能无法创建自助服务Palantir账户,包括AIP开发者层级账户。如果您将参加Palantir活动并需要访问平台,请联系活动组织者以确认是否可以为您提供兼容的硬件。

电话号码不可用

在账户创建过程中,系统会要求您提供电话号码。如果您收到错误消息电话号码不可用,您需要输入另一个号码。每个注册只能使用一次电话号码。

电子邮件域名限制

您的注册可能限制可用于注册或登录的电子邮件域名。如果您的电子邮件域名不被允许,您在注册时可能会遇到错误,提示您的域名受到限制或您的邀请已失效。在登录时,域名限制可能导致一般性登录失败,而不提供额外详细信息。

当注册管理员在发送邀请或创建您的账户后更新域名限制时,可能会发生这种情况。如果您之前拥有访问权限或收到了邀请链接但不再有效,请联系您的注册管理员以确认当前允许哪些电子邮件域名,并在需要时请求新的邀请。

用于注册通行密钥的身份验证器不被允许

如果您使用的是过时的操作系统或浏览器,在尝试使用通行密钥时可能会收到以下错误:

用于注册通行密钥的身份验证器不被允许,或者无法读取其详细信息。
请确认您使用的是受支持的浏览器,然后再试一次。

出于安全原因,来自过时操作系统或浏览器的通行密钥会被阻止。要解决此问题,请更新您的操作系统或浏览器,或使用具有最新软件的设备。确保您使用的是受支持的浏览器以避免问题。

通行密钥不符合安全要求

某些注册强制执行安全策略,限制可以使用哪些类型的通行密钥。如果您的通行密钥不满足这些要求,您在尝试登录或注册新通行密钥时会遇到错误,提示该通行密钥不符合注册的安全要求。如果在您注册通行密钥后策略发生更改,错误可能会提示它不再符合要求。

这通常意味着您的注册需要特定的身份验证器,例如硬件安全密钥,而不是内置的设备通行密钥。如果您注册了多个通行密钥,请尝试使用不同的密钥。联系您的注册管理员以确认您的注册批准了哪些通行密钥类型。