Managing 2-Step Verification

PreviousCreating a New Portal NextCustomizing Portal Menus

Last updated 1 year ago

Managing 2-Step Verification

This feature is only available on Onestop Enterprise

Onestop allows you to enforce 2 step verification on your portal for certain types of users. This gives you more control of the security and flexibility of your portal in automating your process flows.

Enabling Two Factor Authentication

To enable 2 Factor authentication:

Go to Portals
Select the portal
Go to the Advanced tab
Click on the "Enforce 2-Factor Authentication" Button
You can now configure more settings for 2-Factor Authentication as described in the next paragraph.
Click the Save Button

Managing 2-Factor Authentication Settings

Once you have enabled 2-Factor Authentication you can configure more settings. Its important to note that if you do not explicitly configure the settings you want, 2-Factor Authentication will have default behavior that may not be ideal for your organization. Configuring 2FA settings allows you to take control of the 2FA process on your portal.

To Configure settings:

Open your portal
Click on Edit 2-Factor Authentication Settings

You can configure the following settings for 2-Factor Authentication:
- Verification Methods: Choose the methods that will be used for the 2nd factor of authentication after a user has already provided their password (the 1st factor). These include Email, Authenticator app etc. If you do not select a verification method, all of them will be available on your portal
- Users to enforce 2FA for: These are the groups of users in Onestop who will have to use 2FA to acccess your portal. You can choose 1 or more of the 3 broad categories of users on Onestop i.e. Clients, Workers & Administrators. If you do not select values here, all user will be required to used 2FA on your portal.
- Enforce 2FA on IP Change only: Only enforce 2FA when the user logs in from a new location, tracked via their IP address.
- Re-Authentication Duration: The duration in hours since last login after which a user will be required to provide their 2nd Factor e.g. email verification token, SMS verification code etc.
- IP Verification Duration: The number of hours since last login from a specific IP address after which the user must provide their 2nd factor, even if they are logging in from the Same IP address.

PreviousCreating a New Portal NextCustomizing Portal Menus

Last updated 1 year ago

This feature is only available on Onestop Enterprise

Enabling Two Factor Authentication

To enable 2 Factor authentication:

Go to Portals
Select the portal
Go to the Advanced tab
Click on the "Enforce 2-Factor Authentication" Button
You can now configure more settings for 2-Factor Authentication as described in the next paragraph.
Click the Save Button

Managing 2-Factor Authentication Settings

To Configure settings:

Open your portal
Click on Edit 2-Factor Authentication Settings

You can configure the following settings for 2-Factor Authentication:
- Verification Methods: Choose the methods that will be used for the 2nd factor of authentication after a user has already provided their password (the 1st factor). These include Email, Authenticator app etc. If you do not select a verification method, all of them will be available on your portal
- Users to enforce 2FA for: These are the groups of users in Onestop who will have to use 2FA to acccess your portal. You can choose 1 or more of the 3 broad categories of users on Onestop i.e. Clients, Workers & Administrators. If you do not select values here, all user will be required to used 2FA on your portal.
- Enforce 2FA on IP Change only: Only enforce 2FA when the user logs in from a new location, tracked via their IP address.
- Re-Authentication Duration: The duration in hours since last login after which a user will be required to provide their 2nd Factor e.g. email verification token, SMS verification code etc.
- IP Verification Duration: The number of hours since last login from a specific IP address after which the user must provide their 2nd factor, even if they are logging in from the Same IP address.