All Collections
Settings + Permissions
Security
Security & Authentication Settings
Security & Authentication Settings

Learn how to configure your internal and external user authentication methods.

Michael Stephenson avatar
Written by Michael Stephenson
Updated over a week ago

Overview

In Element451, you have the ability to choose which authentication methods you want to allow for your internal and external users.

You can configure these settings by clicking on your profile picture in the top right corner and then navigating to Settings > Manage Users > Security.

Video Overview


Internal Authentication Settings

Use this section to specify the method(s) through which your internal users (staff and faculty) can access your Element451 dashboard.

  • Password

    • If you choose to enable the Element451 login (email and password), you also have the ability to enable multi-factor authentication (MFA).

    • To enable MFA, toggle on the Use MFA setting.

  • SSO

  • Google

  • Api Key


External Authentication Settings

Use this section to specify the method(s) through which your external users (students).

  • Password

    • If you choose to enable the Element451 login (email and password), you also have the ability to enable multi-factor authentication (MFA).

    • To enable MFA, toggle on the Use MFA setting.

  • SSO

  • Google


Configuring SSO

To use your school's SAML2 SSO provider for either internal users (staff) or external users (students/contacts), you'll need to add your metadata to the SSO Authentication Settings:

  • Navigate to Settings > Manage Users > Security > SSO Authentication

  • You will need to configure and provide metadata separately for each use (internal/external):
    ​


Session Duration

To ensure security, Element451 sessions are time-bound and require re-authentication on a regular basis.

  • Element451 Username/Password: 24 hours

  • SAML Single Sign-on: 24 hours

  • Google: 30 Days

  • Via Element451 Magic Links: 48 Hours


Your API Keys

An API key serves as an authentication token, functioning as a secure access pass for API calls. It establishes authorization, allowing access to your integrations.

  • When you create an API key, it is associated with your account and will be listed here under Your API Keys.

  • To ensure better security and organization, we recommend creating a new internal user (e.g., Integrations) to generate the API key. This way, if there's a change in employees or someone else needs access, the API key won't be tied to a specific user's account, making transitions smoother.

  • Even if Password authentication is disabled, API keys can still authenticate API calls.

Disabling Username/Password Method + Using API

If you've built your own API integration prior to Dec 2023, disabling password login to enforce SSO will break your integration. Be sure to create an API key for authenticating your API calls.
​
API integrations managed by Element451 are not affected if you turn off password login options.


Multi-Factor Authentication (MFA)

MFA can be enabled if you are using the Element451 authentication method (Password). If enabled, a code will be emailed to the user.

Did this answer your question?