Authentication Features

As a Govstack platform administrator, you can set up a variety of security features to authenticate your users, including:

• Validation emails
• Forced password reset
• Multi-factor authentication (MFA)

This is useful if a user forgets their password or believes their password or email has been compromised.

Please note that only local Govstack clients can set up authentication features. If you are using your organization's own identity provider (IdP), such as Azure Active Directory, you will need to set up your own authentication features through your organization's internal system.

Set up validation emails

If you want to validate a user's email for any reason, you can set up an email validation for that user. This will send them a code via email when they try to log in to the Govstack platform, which they will be asked to input before they can log in. To set up email validation, you need to:

1. Select your profile icon in the top right corner of your Govstack dashboard, and then select 'Manage Users'
2. This will redirect you to the Admin Portal, where you will land on the 'Search Users' page
3. From here, search for the user you want to set up a validation email for
4. Click on the user line from the list of search results
5. Select 'Validate Email or Change Password' from the 'Actions' section on the right side of the page
6. Select 'Force revalidate email'
7. Select 'Change Flags' to confirm

Now, when that user tries to log in, they will be sent a code via email in order to validate their email address before they can log in.

Force users to reset their password

You can force a user to reset their password when they try to log in to the Govstack platform if you believe that their password may be compromised. To force a user to reset their password when they try logging in, you need to:

1. Select your profile icon in the top right corner of your Govstack dashboard, and then select 'Manage Users'
2. This will redirect you to the Admin Portal, where you will land on the 'Search Users' page
3. From here, search for the user whose password you want to force them to reset
4. Click on the user line from the list of search results
5. Select 'Validate Email or Change Password' from the 'Actions' section on the right side of the page
6. Select 'Force password reset'
7. Select 'Change Flags' to confirm

Now, when that user tries to log in, they will be forced to create a new password before they can proceed.

Multi-factor authentication

You can add the optional enhanced security measure of multi-factor authentication (MFA). Users will be required to verify their identity by one of two available methods:

1. By a verification code sent via SMS message. The code must be entered and validated to complete the sign in process.
2. By a phone call that requires the user to press the pound key on their keypad to complete the sign in process.

Each user will be required to add their mobile number to their profile once MFA is enabled.

If you already have MFA enabled on your identity provider that is integrated with Govstack, you will not need to enable this feature on the platform.

This feature is not enabled on your organization's account by default. To enable this feature please contact your Account Executive.