Security

the security section in engini allows customers to customize and fortify their account’s security measures it provides access to essential security features designed to protect user data, enhance access control, and ensure secure workflows here’s how you can navigate to and utilize the security features click on the settings icon located in the lower side of the side bar click on the “security” section in the security section, users can view and manage 4 distinct features tailored to their specific security requirements session timout allows users to activate or deactivate this feature click on the toggle to turn on the session time out and to define the idle time enter the idle session timeout minimum idle time can be set to a minimum of 30 minutes if you changed the default (30 minutes) idle session time out, click on the “save” button to save the changes note after the specified time of inactivity, the user is automatically logged out and redirected to the login page if this feature remains inactive, users can remain on the platform indefinitely without being disconnected sso authentication sso (single sign on) allows users to securely access engini with a single login, eliminating the need for multiple credentials while enhancing security and user convenience click on “configure sso” to open the configuration dialog a window will open where you can fill in the required sso details provider – select your identity provider (e g , okta) once selected, the authority, sign in url, and sign out url fields will be automatically filled based on your provider authority the url of your identity provider’s authorization server (this will be pre filled if the provider is selected) client id – the unique identifier provided by your sso provider for the application client secret – the secure secret key provided by your sso provider for authentication sign in url – the url where users are redirected for authentication this field is pre filled if the provider is selected sign out url – the url for logging out and redirecting users back to the application this field is pre filled if the provider is selected setting up sso in engini to configure sso, you need to exchange information between engini and your chosen identity provider (e g , okta) log in to okta access your okta account and log in with your credentials navigate to account and click on admin enter the verification code from the okta verify app to proceed create an app integration on the left side of the okta dashboard, click applications click create app integration choose the required sign in method and application type (follow your organization’s preferences) assign a name for your application and proceed to the next step configure redirect urls scroll down to the section for sign in redirect urls and sign out redirect urls open engini and copy the sign in url from engini’s sso configuration page into okta’s sign in redirect url field similarly, copy the sign out url from engini into okta’s sign out redirect url field set assignments at the bottom of the okta configuration page, in the assignments section, select allow everyone in your organization to access click save copy client credentials from okta to engini after saving, you will be redirected to a page showing the client id and client secret copy the client id from okta and paste it into the client id field in engini’s sso configuration window copy the client secret from okta and paste it into the client secret field in engini configure the authority field in engini in your browser, look at the url in the address bar of the okta page copy the domain part of the url (the portion between http // and okta) and paste it into the authority field in engini save the configuration in engini once all the fields in engini are filled out (client id, client secret, authority, sign in url, and sign out url), click save in engini’s sso configuration window disable federation broker mode go to the applications section in okta locate and disable the federation broker mode option for the application assign the application to users navigate back to applications in okta click assign to users for the application you created select the users you want to assign to this application create a new policy on the left hand menu, click on security, then select api locate the relevant authorization server and click edit in the authorization server settings, click on the access policies tab click add policy and provide a name and description for the policy select who to assign the policy to all clients or specific clients (you’ll need to select the clients manually) click create policy add a rule on the same access policies page, click add rule under the created policy configure the rule as needed after completing the sso configuration, click on the sso verification button in order to checks the connectivity between engini and the identity provider (e g , okta) final step now, simply toggle enable sso to activate sso authentication and start using it seamlessly signing in with sso after setting up sso in engini, you can sign in using your organizational credentials if you haven’t configured it yet, https //app archbee com/public/preview ixqqblwfxopjg0nave78y/preview vcgvwvr7lhgegoxeulrd#jzkun follow the steps below to connect to engini using sso step 1 click on sign in with sso step 2 sign in with sso allows you to log in with the name of your account account name enter you account name sign in with sso click the button to sign in to your engini account step 3 redirect to your identity provider after you enter your account name and click “sign in with sso” , engini will automatically redirect you to your organization’s login portal (such as okta) log in using your company credentials (email and password) before attempting to sign in with sso, make sure your organization has configured the correct redirect urls in the engini security settings learn how to configure redirect urls https //app archbee com/public/preview ixqqblwfxopjg0nave78y/preview vcgvwvr7lhgegoxeulrd#jzkun step 4 successful login once authenticated, you will be automatically redirected back to your engini account, no need to enter a separate password for engini two factor authentication (2fa) when the user who created the account sets up two factor authentication, the users invited to access that account are required to set up their own two factor authentication account level settings require full authentication while allowing users to customize their preferences click the enable two factor authentication” button to initiate the setup process an authentication methods window will pop up and you can choose between phone number or email for verification click on the “send verification code” button to request a code be sent to your chosen phone/email once received, utilize the code as necessary ip filtering allows users to limit account access to specific addresses or countries users must configure at least one filtering row to use the ip filtering click “add filter record” to start defining filters applying filters choose between “user” or “connection” connection selecting from available connections within the current account specify type ip related values or country if you choose “country” selecting the value from the available countries otherwise enter the ip address / range user specify type ip related values or country if you choose “country” selecting the value from the available countries otherwise enter the ip address / range activate the filter once configured and press on the green v to save the filter settings notes these security features are available exclusively with a premium subscription in engini configuration and management of these features empower users to enforce personalized security protocols suited to their workflow and access requirements