Recommend Enterprise Security Settings

Modified on Thu, 30 Dec 2021 at 04:20 PM

In this article, we cover off how to configure Fluid for recommended user and authentication.



Configure Authentication Settings


Using the administration console - configure the Authentication Providers. 


Apply a minimum level of authentication 


  • Disable Basic Passwords
  • Disable Forms (Username & Password) Login mechanism
  • Disable login alias'
  • Allow magic link login for one time pin requests - this significantly reduces user "please reset my password" support requests.
  • Allow SAML Authentication





Enable SSO - Single Sign On


The recommended authentication mechanism is SAML 2.0 SSO - this can be configured by application administrators.  The following article explains how to configure SAML 2.0 SSO with Azure AD (o365) as the identity provider.


Fluid SSO – Azure AD : Fluid.Work Support




User Provisioning / De-Provisioning


To automatically provision and deprovision accounts we recommend the automated api using SCIM Protocol.  The following article explains how to configure this using Azure AD.


Import users from Azure AD using SCIM : Fluid.Work Support




Invite & Sign Up Settings


Ensure Self sign up is disabled and Invite options are configured as per your preference.  Define a list of accepted email domains for new users - this is likely to be your corporate domain (e.g.  @mycompany.com or @fluidbsg.com) using the following article Team Sign Up : Fluid.Work Support (freshdesk.com)





Whitelist Fluid domains for email and web traffic


Co-ordinate with your corporate IT / network administrators to ensure the *.fluid.work domain is not blocked by routers or firewalls, or mail servers.


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article