To enable SSO authentication, enter the domain which users must have an email address associated with.
Users can enable a multi factor authentication for password based logins in Gremlin Company Settings under the Security tab. Currently, Time-based Token (Time-based One Time Passwords, TOTP) MFA is supported. An example of a compatible authenticator is the Google Authenticator, available on the Apple App Store and Google Play.
Super users can force MFA use for users across the entire company. When
Enforce MFA is enabled all users who authenticate without MFA will be provided with a secret key and QR barcode to setup their authenticator. Super users also have the ability to disable MFA for individual users within their company, useful in cases where a user loses their authenticator.
Companies who host their own SAML compatible Identity Provider (IDP) can utilize SAML sign-on for their users to authenticate with Gremlin. SAML provides your organization complete control over the users authentication process and experience. When using SAML, authentication requests are forwarded to your IDP, which performs authentication as your company specifies. Once a user has authenticated, their details such as their email address, are securely delivered to Gremlin and the user is granted access.
SAML configuration can be performed by super users in Gremlin Settings on the Security tab.
In order to configure your IDP for SAML please use our Service Provider (SP) metadata, available with the following command (replace with your company name):
curl https://api.gremlin.com/v1/users/auth/saml/metadata?companyName=<COMPANY NAME>