User authentication: best practices Follow
This article is intended for license administrators. It describes the following best practice scenarios:
- Configuring automatic assignment of authentication methods
- Configuring authentication for projects that include both your company’s employees and external users
Configuring automatic assignment of authentication methods
You can configure automatic assignment of authentication methods to new license members. The following options are available:
-
Associate email domains with an authentication method.
When a license administrator adds users to a license from the "Users" page, users from email domains that are associated with any authentication methods are assigned the respective methods.
-
Specify the default authentication method.
When a license administrator adds users to a license from the "Users" page, users from email domains that are not associated with any authentication method are assigned this authentication method.
You can set both options when you add or edit an authentication method.
The main advantage of this method is additional security because each license member gets the correct authentication method no matter who adds them to the license. This also reduces the time required to register a license member.
See the example of applying these rules in Configuring authentication for projects that include both your company’s employees and external users.
Configuring authentication for projects that include both your company’s employees and external users
If your project includes both your company’s employees and external users, we recommend that you configure the following authentication methods:
- A single sign-on authentication method for your company’s employees.
- Revizto login for external users.
Using single sign-on authentication in all corporate resources, including Revizto projects, increases the security of Revizto accounts, as an administrator can revoke user access to all resources at once by closing a single account.
We recommend that you configure the following rules for automatic assignment of authentication methods:
- Add your company’s email domain to the list of associated domains for a single sign-on authentication method of your choice. All new license members from your company’s domain will be assigned this authentication method.
- Make "Revizto login" the default authentication method. All new license members that do not belong to your company’s domain will be assigned this authentication method.
Comments
0 comments
Article is closed for comments.