Account Security

In this article, you'll learn about the tools and features that ensure your account security.

In this section:

  1. Multi-Factor Authentication (MFA)
  2. Password change
  3. Account activity logs
  4. SAML Authentication

To manage your security settings, go to My Profile, and choose the Security tab. 

My profile tab

As an administrator, you can also manage security in the Team Settings tab and enforce security settings for all account users.

Multi-factor Authentication

The Account Owner can enforce Two-factor Authentification for logging into the Voucherify account. As a result, each logging attempt requires two forms of authentication. Voucherify supports text messages, Google Authenticator, and back-up codes as a second identification mechanism. Go here to learn more.

Enable 2FA

Password change

From this view, you may quickly change your Voucherify password. 

Change password

Password change

You are going to receive an email notification each time a password change is performed.

Account activity logs

To gain valuable insights into account activity, you may also monitor the account security logs.

Account security logs

SAML Authentication

SAML Authentication is only available in the Enterprise subscriptions. Contact us to request on-demand access to this feature. 

SAML (Security Assertion Markup Language) ensures easy and centralized management of access to your business applications and resources. Voucherify enables account administrators to connect custom SAML application and use it instead of the standard authentication process while logging in. As a result, your users can log into the Voucherify account using a single sign-on authentication process.

The account administrator can enable and enforce SAML Authentication in the Team Settings > Security tab. 


To connect the custom SAML application, you're going to need:

  • Identity Provider EntryEndpoint URL (1) - in this field, give the SAML URL where the Identity provider sends the authentication token. 
  • Identity Provider certificate (2) - electronic document copied from the Identity provider settings and used to prove the ownership of a public key.

Optional configuration details:

  • Provider Name (3) - the name of your identity provider, e.g., OneLogin, 0Auth.
  • Issuer (4)- stands for the EntityID (unique identifier) of the service provider. 
  • Audience (5) - a value within the SAML assertion that specifies who (and who only) the assertion is intended for. The audience represents the service provider, usually by using a URL address that is validated when the request is received.

Encrypt SAML requests

To increase the security of your transactions, you can sign or encrypt both requests and responses in the SAML protocol:

  • Sign SAML-Requests - add the private tenant key to sign SAML requests. You can also provide your own private/public key pair to sign requests coming from a specific connection.
  • Decrypt SAML-Response - by default, the identity provider uses the private/public key pair assigned to your tenant to sign SAML responses or assertions. In the case of very specific scenarios, you might wish to provide your own key pair.

Recommended identity providers:

  • Auth0
  • OneLogin
  • AWS IAM 

Still need help? Contact Us Contact Us