In this article, you'll learn about the tools and features that ensure your account security.
In this section:
To manage your security settings, go to My Profile, and choose the Security tab.
As an administrator, you can also manage security in the Team Settings tab and enforce security settings for all account users.
The Account Owner can enforce Two-factor Authentification for logging into the Voucherify account. As a result, each logging attempt requires two forms of authentication. Voucherify supports text messages, Google Authenticator, and back-up codes as a second identification mechanism. Go here to learn more.
From this view, you may quickly change your Voucherify password.
You are going to receive an email notification each time a password change is performed.
Account activity logs
To gain valuable insights into account activity, you may also monitor the account security logs.
SAML (Security Assertion Markup Language) ensures easy and centralized management of access to your business applications and resources. Voucherify enables account administrators to connect custom SAML application and use it instead of the standard authentication process while logging in. As a result, your users can log into the Voucherify account using a single sign-on authentication process.
The account administrator can enable and enforce SAML Authentication in the Team Settings > Security tab.
To connect the custom SAML application, you're going to need:
- Identity Provider EntryEndpoint URL (1) - in this field, give the SAML URL where the Identity provider sends the authentication token.
- Identity Provider certificate (2) - electronic document copied from the Identity provider settings and used to prove the ownership of a public key.
Optional configuration details:
- Provider Name (3) - the name of your identity provider, e.g., OneLogin, 0Auth.
- Issuer (4)- stands for the EntityID (unique identifier) of the service provider.
- Audience (5) - a value within the SAML assertion that specifies who (and who only) the assertion is intended for. The audience represents the service provider, usually by using a URL address that is validated when the request is received.
Encrypt SAML requests
To increase the security of your transactions, you can sign or encrypt both requests and responses in the SAML protocol:
- Sign SAML-Requests - add the private tenant key to sign SAML requests. You can also provide your own private/public key pair to sign requests coming from a specific connection.
- Decrypt SAML-Response - by default, the identity provider uses the private/public key pair assigned to your tenant to sign SAML responses or assertions. In the case of very specific scenarios, you might wish to provide your own key pair.
Recommended identity providers:
- AWS IAM