This article explains how you can use indevis authentication to give your Personio account additional protection. You will find an overview of all the prerequisites below, as well as instructions on how to set up the integration.

Activate from the Marketplace: We have improved the activation flow for this Integration. You can now start the activation from the Marketplace. For more information, visit our article Activate Integrations from the Marketplace.


What Is indevis?

indevis uses a custom login procedure to ensure that your Personio account is especially well-protected from unauthorized access. The standard Personio login requires a user name and password.

The indevis authentication service uses what is known as two-factor authentication to significantly increase the security of the login process, thus protecting the sensitive data stored in your account. Rather than using a static password, users instead log in with both a self-selected PIN (the first factor) and a continuously changing code (the second factor). This is displayed on a token, and users can choose between a hardware, software or SMS token.

When a company decides to protect their user accounts with two-factor authentication, choosing indevis as a partner means that they have an ISO/IEC 27001, BSI-certified managed security service provider offering the highest level of security standards.

The information required to log in to your Personio account does not leave the indevis systems at any point during the authentication process and is not even shared with Personio. The indevis authentication service is a scalable solution that allows companies to rent tokens for their employees, so they can order the exact number of tokens they actually need. indevis takes care of the implementation, meaning that the introduction of Personio as an HR system and secure access using indevis authentication can go hand in hand.


How Can I Set Up the Integration of Indevis and Personio?

Personio supports authentication via the OAuth protocol, which provides for secure, standardized API authorization. indevis carries out the required configuration, so customers do not need to integrate the authentication solution themselves. Personio forwards users to the indevis servers for login, which is where the authentication takes place.

Users enter their user name, self-selected password and PIN here. If they are correct, the OAuth code is forwarded to Personio and the access token is requested from indevis. Once this process has been completed correctly, Personio can retrieve the access token and thus the released user information from indevis, allowing the user to be assigned to the correct account via their email address. This communication between Personio and indevis runs in the background and allows authorized users to log in in seconds.


How Much Does It Cost?

indevis authentication uses a rental model that bills per token. In addition to the costs per token, there is also a one-time setup fee for the two-factor authentication. Please contact indevis directly for detailed information on the one-time setup fee.


Who Should I Contact at indevis?

If you have any questions about the integration process or about pricing, please contact the indevis Sales Team at




Article is closed for comments.

    Topics of this article