For users to successfully sign in to Roamer X, the app must be granted a specific “Roamer X AAD Authentication” permission within IBSS security.
Without this permission, users will see the error message from Microsoft with the code AADSTS500011 and won't be able to proceed signing in.
The sing-in background process differs depending on whether the Microsoft Authenticator app is installed on the user's device:
- If the Microsoft Authenticator app is installed, Roamer will use its logged in session, and user won't have to provide username or password
- If not - M365 webportal login instead
For users who have the Microsoft Authenticator app is installed, Roamer X is configured to use it as a broker. If the user is already signed into an account within the Authenticator app, MSAL is able to leverage that session. In this scenario, MSAL routes interactive login requests through the Authenticator rather than using the web login.
If the Authenticator app is not available, or the user has not signed in to it, the standard M365 web login flow is used instead.
This approach supports Entra ID’s Conditional Access policies, which require the ability to determine whether the device is managed and/or if an App Protection Policy is in place.
While it is technically possible to achieve this via a browser-based flow, so it would always go to the M365 web login, that would rely on OS-level capabilities, which can vary significantly between manufacturers. To ensure consistent and secure behaviour, we explicitly set "broker_redirect_uri_registered": true in our code to enable broker support via the Authenticator app when available.
During the Early Access stages of app adoption, we recommend using both Roamer and Roamer X side-by-side.
Upon installing the Roamer X app, there are several initial steps to access the app.
With Multi-Factor Authentication
If your organisation uses the Multi-Factor Authentication, you will be prompted to use an authentication app to complete your sign in:
| 1 | Roamer X | During login to Roamer X with your organisation name, the app prompts you to keep your account secure by installing a third-party authenticator app. |
| 2 | On your device | Install the app that is used by your organisation. |
| 3 | MFA app | Login to the app and complete steps as prompted until your device is registered. |
| 4 | Roamer X | Return to Roamer X when you're redirected. |
| 5 | In the Your organisation is now protecting its data in this app. You need to restart to continue. popup, select Ok. Roamer X closes to process authentication. | |
| 6 | Open Roamer X again. | |
| 7 | On the To access your organisation's data with this app, set a PIN. page, enter you PIN and confirm it. |
Now, if your PIN is correct, you're successfully logged in in Roamer X. Read more here: Roamer managed in Microsoft Intune
Without Multi-Factor Authentication
If your organisation does not use Multi-Factor Authentication, complete the following steps depending on the OS that your device operates on.
| Android | iOS | ||
|---|---|---|---|
| 1. | Allow Roamer to find Bluetooth devices nearby. |  |
 |
| (For iOS devices) Allow using your device's location |  |
||
| 2 |
Or
Note for organisations where Signify Indoor Positioning is enabled: If you don't try scanning the QR code and didn't allow using your device's camera, you are asked to allow it when looking at the map. This is mandatory setting to enable displaying your location on the map. |
 |
 |
| 3 |
Accept Privacy Policy and EULA. Should you decline, you will not be able to proceed with Roamer X. |
 |
 |
| 4 | Select an identity provider to authenticate. |  |
 |
| 5 | (For Android devices) Allow using your device's location. |  |
You won't need to allow Roamer X using your device's camera, location, or find nearby Bluetooth devices again until you reinstall Roamer X or restrict using these settings intentionally.
At this point, you reach Roamer X onboarding steps to help you set up the app to your preferences. You can skip it and tap User defaults for now or you can tailor the settings at this point.
If you choose to go through onboarding questions, select what applies to you:
- Language for the app. At present, the app is available only in English.
- The building where you primarily work and would like to book.
- Floor where you will make most of your bookings.
- Start and end time of your working day. By choosing your standard working hours we can help make your life easier by tailoring your experience and default selections.
- Set up a PIN to log in on room tablets or floor kiosks within your organisation if available.
- Allow or decline it for colleagues to be able to find where you are booked.
- Notifications that you'd like to receive: visitor arrivals, booking reminders, and service requests status changes for the operational team.
Read more about User Preferences in Roamer X.
👋 Share your feedback with us about this documentation. Highlight a word or a whole paragraph and click the plus icon that appears. We keep improving this knowledge base based on your comments.