In this article, we cover off how to configure Fluid for recommended user and authentication.
Configure Authentication Settings
Using the administration console - configure the Authentication Providers.
Apply a minimum level of authentication
- Disable Basic Passwords
- Disable Forms (Username & Password) Login mechanism
- Disable login alias'
- Allow magic link login for one time pin requests - this significantly reduces user "please reset my password" support requests.
- Allow SAML Authentication
Enable SSO - Single Sign On
The recommended authentication mechanism is SAML 2.0 SSO - this can be configured by application administrators. The following article explains how to configure SAML 2.0 SSO with Azure AD (o365) as the identity provider.
Fluid SSO – Azure AD : Fluid.Work Support
User Provisioning / De-Provisioning
To automatically provision and deprovision accounts we recommend the automated api using SCIM Protocol. The following article explains how to configure this using Azure AD.
Import users from Azure AD using SCIM : Fluid.Work Support
Invite & Sign Up Settings
Ensure Self sign up is disabled and Invite options are configured as per your preference. Define a list of accepted email domains for new users - this is likely to be your corporate domain (e.g. @mycompany.com or @fluidbsg.com) using the following article Team Sign Up : Fluid.Work Support (freshdesk.com)
Whitelist Fluid domains for email and web traffic
Co-ordinate with your corporate IT / network administrators to ensure the *.fluid.work domain is not blocked by routers or firewalls, or mail servers.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article