Documentation

Device access

Approve, scope, and block station devices on the LAN without shared logins.

On the on-site profile, station laptops don't share an admin login. Instead, each device registers on the network and an administrator grants it a role and event scope. This keeps admin credentials off the station floor while still letting any laptop operate at exactly the access you grant.

How a device gets access

  1. A station laptop opens the station URL. It's identified by an opaque device cookie (only a hash is stored), not a login.
  2. Until approved, the device sees a "waiting for access" gate — never an admin login screen.
  3. An admin opens Memoria Settings → Devices and approves the waiting device, granting it a role and an optional event scope.
  4. The device then operates a normal session at that role and can process participants.

Devices never get Admin. Approval provisions a scoped, password-less device user that operates at the role you grant — so a station can't reach admin surfaces. Blocking a device deactivates that user instantly.

Scoping a device to an event

Granting an event scope limits a device to a single event's participants and stations. This is useful when several events share the same room or network — each station laptop only sees the event it's assigned to.

Blocking and forgetting devices

  • Block a device to immediately revoke its access; it returns to the waiting gate.
  • Forget a device to remove its registration entirely.

Hosted / SaaS

Device-access control is specific to the on-site LAN profile. On the hosted profile, users authenticate with cloud accounts instead, and this gate doesn't apply.