In the Identity Management Panel of the Admin Panel, you can customize your security settings in Lucidpress to match the security settings of your organization.
In addition to allowing the traditional method of email and password log ins, Lucidpress integrates with the following Single Sign-On (SSO) applications.
- Google SSO
- Office 365
- SAML (Unless this SSO method is set as the default sign-on method, users will be able to log in through the SAML API but will not be able to use SAML to log in through the Lucidpress API.)
You can enable and disable different log in methods by navigating to the User Sign In tab in the Indentity Management panel and checking or unchecking the boxes next to the different methods. When you have more than one method selected, users will be able to select their desired log in method after typing their email address into the Lucidpress log in page.
In the User Sign In tab, you can also set your team’s default authentication method. This is the log in method that users will encounter when they click “Next” or hit the “Enter” key after typing their email address into the Lucidpress log in page. For example, the Lucidpress team has Google SSO set up as our default sign-on method, so employees will be directed to log in with Google when they click “Next” or hit “Enter.”
Restrict User Log In to Whitelisted IP Addresses
If you would like your employees to only be able to log in to Lucidpress from specific locations, check this box and whitelist certain IP addresses by typing them into the field below.
Note: This feature will not prevent users from logging in with a whitelisted IP address and then moving to another address that is not whitelisted.
CIDR Notation: This feature requires CIDR notation to denote IP ranges, e.g. 192.168.2.0/24.
If your organization allows email and password log in, you can change the settings in the Password Policy tab to increase the security of your users’ passwords.
Force Password Reset
By pressing this button, you will force a password reset for every member of your organization. When a user logs in after you do this, they will be prompted to change their password.
Domain Lockdown is an Enterprise feature that allows you to control the security settings for users on your domain.
If you enable domain lockdown, users who attempt to sign up for a Lucidpress account will be notified that an enterprise account already exists with their given domain and they will be redirected to verify their identity. Once they have verified their identity, they will be pulled into your organization’s Lucidpress account.
The domain lockdown feature prevents users from creating unauthorized teams outside of your team account and allows you to set security standards for your entire organization.
You can select one of the following options for verifying your user’s identities.
- Confirmation email: The user will receive an email with a confirmation link. Once they click on the link, they will be pulled into your Lucidpress account.
- SAML authentication: This option will redirect users to your organization’s SAML instance. Once they log in successfully they will be pulled into your account.
- Google SSO authentication: This option will redirect users to authenticate via Google SSO. Once they have successfully logged in, they will be pulled into your Lucidpress account.
- Office 365 SSO authentication: This option will redirect your users to authenticate via their Office 365 credentials. Once they have successfully logged in, they will be pulled into your Lucidpress account.
- Redirect to custom authentication URL: This allows users to redirect to a different SSO provider via an authentication URL.
Note: Due to the security demands of domain lockdown, you will need to click the "Contact Support" link to fill out a request form.
- Collaboration and Domain Restrictions
- Identity Management