Add 3 new articles
This commit is contained in:
parent
6ad3faf4ae
commit
d5e577302f
@ -403,32 +403,26 @@
|
||||
<h2>Connecting third-party services</h2>
|
||||
<ul>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-amazon-docspace.aspx")%>">Connecting Amazon AWS S3 to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-apple-docspace.aspx")%>">Connecting Apple to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-bitly-docspace.aspx")%>">Connecting Bitly to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-box-docspace.aspx")%>">Connecting Box.com to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-clickatell-docspace.aspx")%>">Connecting Clickatell to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-docusign-docspace.aspx")%>">Connecting DocuSign to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-dropbox-docspace.aspx")%>">Connecting Dropbox to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-facebook-docspace.aspx")%>">Connecting Facebook to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-firebase-docspace.aspx")%>">Connecting Firebase to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-google-docspace.aspx")%>">Connecting Google to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-google-cloud-storage-docspace.aspx")%>">Connecting Google Cloud Storage to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-kdrive-docspace.aspx")%>">Connecting KDrive to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-linkedin-docspace.aspx")%>">Connecting LinkedIn to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-mail-ru-docspace.aspx")%>">Connecting Mail.ru to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-microsoft-docspace.aspx")%>">Connecting Microsoft to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-nextcloud-docspace.aspx")%>">Connecting Nextcloud to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-onedrive-docspace.aspx")%>">Connecting OneDrive to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-owncloud-docspace.aspx")%>">Connecting ownCloud to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-rackspace-docspace.aspx")%>">Connecting Rackspace Cloud Storage to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-selectel-docspace.aspx")%>">Connecting Selectel Cloud Storage to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-sharepoint-docspace.aspx")%>">Connecting SharePoint to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-smsc-docspace.aspx")%>">Connecting smsc to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-telegram-docspace.aspx")%>">Connecting Telegram to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-vk-docspace.aspx")%>">Connecting VK to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-wordpress-docspace.aspx")%>">Connecting Wordpress to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-yandex-disk-docspace.aspx")%>">Connecting Yandex.Disk to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-yandex-docspace.aspx")%>">Connecting Yandex to ONLYOFFICE DocSpace</a></li>
|
||||
</ul>
|
||||
<h2>Various settings</h2>
|
||||
<ul>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/docspace-two-factor-authentication.aspx")%>">Using two-factor authentication in DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/docspace-sso-settings.aspx")%>">Enabling Single Sign-on in DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/docspace-active-connections.aspx")%>">Managing Active sessions in DocSpace</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</li>
|
||||
|
||||
@ -56,6 +56,12 @@
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-sharepoint-docspace.aspx")%>">Connecting SharePoint to ONLYOFFICE DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/connect-telegram-docspace.aspx")%>">Connecting Telegram to ONLYOFFICE DocSpace</a></li>
|
||||
</ul>
|
||||
<h6>Various settings</h6>
|
||||
<ul>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/docspace-two-factor-authentication.aspx")%>">Using two-factor authentication in DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/docspace-sso-settings.aspx")%>">Enabling Single Sign-on in DocSpace</a></li>
|
||||
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/docspace-active-connections.aspx")%>">Managing Active sessions in DocSpace</a></li>
|
||||
</ul>
|
||||
</li>
|
||||
|
||||
</ul>
|
||||
|
||||
@ -381,7 +381,7 @@
|
||||
<li>click the <b>Save</b> button at the bottom of the section to apply the changes you made.</li>
|
||||
</ol>
|
||||
<p>When two-factor authentication with an authenticator app is enabled, a user can access the portal data after entering their regular email and password or signing in via a social media account and typing in a six-digit verification code or a backup code generated by the authenticator app. </p>
|
||||
<p>To access the portal for the first time after enabling the two-factor authentication:</p>
|
||||
<p>To access the portal for the first time after enabling two-factor authentication:</p>
|
||||
<ol>
|
||||
<li>Enter your regular credentials to access the portal. The QR code and your secret key are displayed on your portal login confirmation page.</li>
|
||||
<li>Install an authenticator app on your mobile device. You can use <b>Google Authenticator</b> for <a target="_blank" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a> and <a target="_blank" href="https://itunes.apple.com/app/google-authenticator/id388497605">iOS</a> or <b>Authenticator</b> for <a target="_blank" href="https://www.microsoft.com/en-us/p/authenticator/9wzdncrfj3rj?rtc=1&activetab=pivot%3Aoverviewtab">Windows Phone</a>.</li>
|
||||
@ -394,7 +394,7 @@
|
||||
<li>On your portal login confirmation page, enter a 6-digit code generated by your application.</li>
|
||||
<li>Click the <b>Connect app</b> button.</li>
|
||||
</ol>
|
||||
<p>To learn more on how to use the two-factor authentication on your portal you can read the following <a class="links" target="_blank" href="<%=VirtualPathUtility.ToAbsolute("~/administration/two-factor-authentication.aspx")%>">article</a>.</p>
|
||||
<p>To learn more on how to use two-factor authentication on your portal, you can read the following <a class="links" target="_blank" href="<%=VirtualPathUtility.ToAbsolute("~/administration/two-factor-authentication.aspx")%>">article</a>.</p>
|
||||
<div class="inner_delimiter"></div>
|
||||
<h5 id="TrustedDomain">Trusted mail domain settings</h5>
|
||||
<p>This section allows you to specify the mail servers used for user self-registration on your portal. By default, this option is disabled. To enable it,</p>
|
||||
@ -732,7 +732,7 @@
|
||||
<p>In the SaaS version, you can connect the following services on the <b>Third-Party Services</b> page:</p>
|
||||
<ul>
|
||||
<li><b>DocuSign</b> - to send files from the <b>Documents</b> module for electronic signature to your portal employees.</li>
|
||||
<li><b>Twilio</b> - to be able to call your CRM contacts from a web browser. You can also use <b>Twilio</b> to enable the two-factor authentication.</li>
|
||||
<li><b>Twilio</b> - to be able to call your CRM contacts from a web browser. You can also use <b>Twilio</b> to enable two-factor authentication.</li>
|
||||
<li><b>EasyBib</b> - to create bibliographic lists in your documents.</li>
|
||||
<li><b>Amazon AWS S3</b>, <b>Google Cloud Storage</b>, <b>Rackspace Cloud Storage</b> or <b>Selectel Cloud Storage</b> - to backup and store data from your portal.</li>
|
||||
</ul>
|
||||
|
||||
@ -262,7 +262,7 @@
|
||||
<li>click the <b>Save</b> button at the bottom of the section to apply the changes you made.</li>
|
||||
</ol>
|
||||
<p>When two-factor authentication with an authenticator app is enabled, a user can access the DocSpace data after entering their regular email and password or signing in via a social media account and typing in a six-digit verification code or a backup code generated by the authenticator app. </p>
|
||||
<p>To access your DocSpace for the first time after enabling the two-factor authentication:</p>
|
||||
<p>To access your DocSpace for the first time after enabling two-factor authentication:</p>
|
||||
<ol>
|
||||
<li>Enter your regular credentials to access your DocSpace. The QR code and your secret key are displayed on your DocSpace login confirmation page.</li>
|
||||
<li>Install an authenticator app on your mobile device. You can use <b>Google Authenticator</b> for <a target="_blank" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a> and <a target="_blank" href="https://itunes.apple.com/app/google-authenticator/id388497605">iOS</a> or <b>Authenticator</b> for <a target="_blank" href="https://www.microsoft.com/en-us/p/authenticator/9wzdncrfj3rj?rtc=1&activetab=pivot%3Aoverviewtab">Windows Phone</a>.</li>
|
||||
@ -274,7 +274,9 @@
|
||||
</li>
|
||||
<li>On your DocSpace login confirmation page, enter a 6-digit code generated by your application.</li>
|
||||
<li>Click the <b>Connect app</b> button.</li>
|
||||
</ol>
|
||||
</ol>
|
||||
<p>To learn more on how to use two-factor authentication in your DocSpace, you can read the following <a class="links" target="_blank" href="<%=VirtualPathUtility.ToAbsolute("~/administration/docspace-two-factor-authentication.aspx")%>">article</a>.</p>
|
||||
|
||||
<div class="inner_delimiter"></div>
|
||||
<h5 id="TrustedDomain">Trusted mail domain settings</h5>
|
||||
<p>This section allows you to specify the mail servers used for user self-registration in your DocSpace. By default, this option is disabled. To enable it,</p>
|
||||
@ -467,7 +469,7 @@
|
||||
<img alt="Enabling SSO Authentication" id="img10_eventcom_guides" class="bigphoto_screen" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/GettingStarted/DocSpace/big/SSO.png")%>" />
|
||||
<div target="img10_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
<p>To learn more about configuring SSO, read <a href="<%=VirtualPathUtility.ToAbsolute("~/administration/sso-settings-saas.aspx")%>">this article</a>.</p>
|
||||
<p>To learn more about configuring SSO, read <a href="<%=VirtualPathUtility.ToAbsolute("~/administration/docspace-sso-settings.aspx")%>">this article</a>.</p>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@ -58,7 +58,7 @@
|
||||
<p></p>
|
||||
</li>
|
||||
<li>Select the preferred <b>interface theme</b>: System (to automatically switch between the light and dark themes when your system does), Light, or Dark.</li>
|
||||
<li>Manage <b>active sessions</b> (to close <a class="links" href="<%=VirtualPathUtility.ToAbsolute("~/administration/active-connections.aspx")%>">active connections</a> on other devices).</li>
|
||||
<li>Manage <b>active sessions</b> (to close <a class="links" href="<%=VirtualPathUtility.ToAbsolute("~/administration/docspace-active-connections.aspx")%>">active connections</a> on other devices).</li>
|
||||
</ul>
|
||||
<div class="screen_block">
|
||||
<img alt="Editing profiles" target="img3_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/GettingStarted/DocSpace/Small/Connections.png")%>" />
|
||||
|
||||
@ -0,0 +1,181 @@
|
||||
<%@ Control Language="C#" Inherits="BaseContentUserControls" %>
|
||||
<%@ Register Namespace="TeamLab.Controls" Assembly="__Code" TagPrefix="cc" %>
|
||||
|
||||
<script runat="server">
|
||||
protected override void Init()
|
||||
{
|
||||
PageTitle = PageCaption = "Enabling Single Sign-on in DocSpace";
|
||||
MetaKeyWords = "ONLYOFFICE DocSpace, SSO, Single sign-on";
|
||||
MetaDescription = "Learn how to use ONLYOFFICE DocSpace Single Sign-on feature.";
|
||||
}
|
||||
</script>
|
||||
<div class="main_buscall_container dataBackup">
|
||||
<div class="MainHelpCenter">
|
||||
<h1 class="subHeaderFeaturesCaption TipsCaption">Enabling Single Sign-on in DocSpace</h1>
|
||||
|
||||
<%--<div class="keyword_block">
|
||||
<ul>
|
||||
<li><span class="serverversion_display"><cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/Tags/server-version/server-version.ascx" /></span></li>
|
||||
<li><span class="serverversion_display"><cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/Tags/local-server/local-server.ascx" /></span></li>
|
||||
<li><span class="serverversion_display"><cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/Tags/control-panel/control-panel.ascx" /></span></li>
|
||||
<li><cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/Tags/sso/sso-tag.ascx" /></li>
|
||||
<li><cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/Tags/shibboleth/shibboleth.ascx" /></li>
|
||||
<li><cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/Tags/onelogin/onelogin.ascx" /></li>
|
||||
<li><cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/Tags/adfs/adfs.ascx" /></li>
|
||||
</ul>
|
||||
</div>--%>
|
||||
<h2 id="Introduction">Introduction</h2>
|
||||
<p>The <b>Single Sign-on</b> section allows you to enable third-party authentication using SAML, thereby providing a more quick, easy and secure way to access DocSpace for users.</p>
|
||||
<p>This is a <b>Paid</b> feature (available for the paid <b>Business</b> plan only).</p>
|
||||
<p>Generally, the <b>Single Sign-on</b> technology allows users to sign in only once and then get access to multiple applications/services without re-authentication. E.g. if a web portal includes several large independent sections (forum, chat, blogs etc.), a user can undergo the authentication procedure within one of the services and automatically get access to all other services without entering credentials several times.</p>
|
||||
|
||||
<div>
|
||||
<p>An <b>Identity Provider</b> (IdP) is a service that creates, maintains and manages user identity information and provides user authentication to other Service Providers within a federation. Such services as OneLogin, ADFS etc. act as Identity Providers. A <b>Service Provider</b> (SP) is an entity that provides web services and relies on a trusted Identity Provider for user authentication. In our case, the Service Provider is the ONLYOFFICE.</p>
|
||||
<p>You can enable SSO on the base of SAML for the authentication/authorization data exchange between an Identity Provider and a Service Provider:</p>
|
||||
<ul>
|
||||
<li><b>SAML</b> (Security Assertion Markup Language) - an XML standard that allows to transmit user authentication/authorization data between an identity provider and a service provider through security tokens which contain assertions.</li>
|
||||
</ul>
|
||||
<p>Enhanced security is enabled by means of the fact that ONLYOFFICE does not store user passwords, instead of that it uses the results of the authentication on the Identity Provider side. All the necessary user information is transmitted through an authentication token. If the user information changes on the Identity Provider side, it will be automatically updated in DocSpace during the next SSO authentication (note that the data can only be synchronized in one direction: from the Identity Provider to ONLYOFFICE).</p>
|
||||
<p>After the Identity Provider and ONLYOFFICE are mutually configured to ensure SSO, the user SSO authentication process will be performed on the Identity Provider side. ONLYOFFICE will receive an authentication token (SAML) from the Identity Provider. After the token is validated (by using digital signatures and the token lifetime), ONLYOFFICE allows the user to access DocSpace.</p>
|
||||
|
||||
<h2 id="EnablingSSOsaas">Enabling SSO</h2>
|
||||
<p>To enable and configure SSO authentication for your DocSpace, proceed as follows:</p>
|
||||
<p>Check the <em>Identity Provider</em> configuration before adjusting the <em>Service Provider</em>.</p>
|
||||
</div>
|
||||
<ol>
|
||||
<li>Use the <img alt="Options icon" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/GettingStarted/dsoptionsicon.png")%>" /> menu in the lower left corner and select the <b>DocSpace Settings</b> option.</li>
|
||||
<li>In the DocSpace settings, open the <b>Integration</b> section on the left.</li>
|
||||
<li>Switch to the <b>Single Sign-on</b> tab.</li>
|
||||
<li>Turn on the <b>Enable Single Sign-on Authentication</b> switcher.</li>
|
||||
<li>In the <b>ONLYOFFICE SP Settings</b> section, click <em>Show</em> and fill in the required fields. The necessary information can be specified in several different ways:
|
||||
<ul>
|
||||
<li><b>Enter the URL address to the metadata file</b>. If your IdP metadata is accessible from outside by the link, insert the link into the <b>URL to IdP Metadata XML</b> field and click the <img alt="Arrow icon" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide174/arrowicon.png")%>" /> button to load data. When the data is loaded, all the required parameters will be automatically displayed in the extended form.</li>
|
||||
<li><b>Upload the metadata file</b>. If your IdP provides a metadata file, use the <b>Select file</b> button to browse for the file stored on your local machine. When the file is uploaded, all the required parameters will be automatically displayed in the extended form.</li>
|
||||
<li><b>Specify the required parameters manually</b>. If the metadata file is not available, enter the necessary parameters manually. To obtain the necessary values, please contact your IdP administrator.</li>
|
||||
</ul>
|
||||
</li>
|
||||
</ol>
|
||||
<div class="screen_block">
|
||||
<img alt="Enabling Single Sign-on in DocSpace" target="img1_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide174/sso1.png")%>" />
|
||||
<img alt="Enabling Single Sign-on in DocSpace" id="img1_eventcom_guides" class="bigphoto_screen" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/big/guide174/sso1.png")%>" />
|
||||
<div target="img1_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
<p>The following parameters are available:</p>
|
||||
<ul>
|
||||
<li><b>IdP Entity Id</b> (obligatory field) - the Identity Provider identifier or URL address which will be used by the Service Provider to unequivocally identify the IdP.
|
||||
<div class="example">https://example.com/idp/shibboleth</div>
|
||||
<p>where example.com is your SSO service domain name</p>
|
||||
</li>
|
||||
<li><b>IdP Single Sign-On Endpoint URL</b> (obligatory field) - the URL used for the single sign-on on the Identity Provider side. It is the endpoint address in your IdP to which SP sends authentication requests.
|
||||
<p>Set the necessary <b>Binding</b> type selecting one of the corresponding radio buttons. Bindings specify the way in which authentication requests and responses are transmitted between the IdP and SP over the underlying transport protocol: using the HTTP <b>POST</b> or HTTP <b>Redirect</b> binding.</p>
|
||||
</li>
|
||||
<li><b>IdP Single Logout Endpoint URL</b> - the URL used for the single logout on the Service provider side. It is the endpoint address in your IdP to which SP sends logout requests/responses.
|
||||
<p>Set the necessary <b>Binding</b> type selecting one of the corresponding radio buttons. Bindings specify the way in which logout requests and responses are transmitted between the IdP and SP over the underlying transport protocol: using the HTTP <b>POST</b> or HTTP <b>Redirect</b> binding.</p>
|
||||
</li>
|
||||
<li><b>NameId Format</b> - the <b>NameID</b> parameter allows SP to identify a user. Select one of the available formats from the list.</li>
|
||||
</ul>
|
||||
<div class="screen_block">
|
||||
<img alt="Enabling Single Sign-on in DocSpace" target="img2_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide174/sso2.png")%>" />
|
||||
<img alt="Enabling Single Sign-on in DocSpace" id="img2_eventcom_guides" class="bigphoto_screen" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/big/guide174/sso2.png")%>" />
|
||||
<div target="img2_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
<div class="notehelp">It's possible to customize the button used to login to DocSpace with the Single Sign-on service at the ONLYOFFICE authentication page. You can do it using the <b>Custom login button caption</b> field in the <b>ONLYOFFICE SP Settings</b> section.</div>
|
||||
<p>You can also add the IdP and SP certificates.</p>
|
||||
<h5>IdP Public Certificates</h5>
|
||||
<p><b>IdP Public Certificates</b> - this section allows you to add the Identity Provider public certificates used by the SP to verify the requests and responses from the IdP.</p>
|
||||
<p>If you have loaded the IdP metadata, these certificates will be added to your DocSpace automatically. Otherwise, the certificates can be found in your IdP account. To add a certificate manually, click the <b>Add certificate</b> button. The <b>New Certificate</b> window opens. Enter the certificate in the <b>Public Certificate</b> field and click the <b>OK</b> button.</p>
|
||||
<div class="screen_block">
|
||||
<img alt="Enabling Single Sign-on in DocSpace" target="img3_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide174/sso6.png")%>" />
|
||||
<img alt="Enabling Single Sign-on in DocSpace" id="img3_eventcom_guides" class="bigphoto_screen" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/big/guide174/sso6.png")%>" />
|
||||
<div target="img3_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
<p>Set additional parameters for certificates checking the corresponding boxes.</p>
|
||||
<p>Specify which signatures of requests/responses sent from IdP to SP should be verified:</p>
|
||||
<ul>
|
||||
<li><b>Verify Auth Responses Sign</b> - to verify signatures of the SAML authentication responses sent to SP.</li>
|
||||
<li><b>Verify Logout Requests Sign</b> - to verify signatures of the SAML logout requests sent to SP.</li>
|
||||
<li><b>Verify Logout Responses Sign</b> - to verify signatures of the SAML logout responses sent to SP.</li>
|
||||
</ul>
|
||||
<p>Select the necessary algorithm from the <b>Default Sign Verifying Algorithm</b> list: <code>rsa-sha1</code>, <code>rsa-sha256</code> or <code>rsa-sha512</code>.</p>
|
||||
<div class="notehelp">Default settings are used only in cases if the IdP metadata does not specify which algorithm should be used.</div>
|
||||
<p>You can edit or delete the added certificates using the corresponding link.</p>
|
||||
<h5>SP Certificates</h5>
|
||||
<p><b>SP Certificates</b> - this section allows you to add the Service Provider certificates used to sign and encrypt the requests and responses from the SP.</p>
|
||||
<p>If your IdP requires that input data is signed and/or encrypted, create or add corresponding certificates in this section.</p>
|
||||
<div class="screen_block">
|
||||
<img alt="Enabling Single Sign-on in DocSpace" target="img4_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide174/sso3.png")%>" />
|
||||
<img alt="Enabling Single Sign-on in DocSpace" id="img4_eventcom_guides" class="bigphoto_screen" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/big/guide174/sso3.png")%>" />
|
||||
<div target="img4_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
<p>Click the <b>Add certificate</b> button. The <b>New Certificate</b> window opens. You can generate a self-signed certificate or add an existing certificate in the <b>Public Certificate</b> field and the corresponding private key in the <b>Private Key</b> field. In the <b>Use for</b> list, select one of the available options: <code>signing</code>, <code>encrypt</code>, <code>signing and encrypt</code>. When ready, click the <b>OK</b> button.</p>
|
||||
<p>Depending on the certificate purpose selected in the <b>Use for</b> list when uploading/generating the certificate, the certificate additional parameters are specified. The following parameters define which requests/responses sent from SP to IdP should be signed:</p>
|
||||
<ul>
|
||||
<li><b>Sign Auth Requests</b> - to have SP sign the SAML authentication requests sent to IdP.</li>
|
||||
<li><b>Sign Logout Requests</b> - to have SP sign the SAML logout requests sent to IdP.</li>
|
||||
<li><b>Sign Logout Responses</b> - to have SP sign the SAML logout responses sent to IdP.</li>
|
||||
</ul>
|
||||
<p>If you have selected the <code>encrypt</code> or <code>signing and encrypt</code> option in the <b>Use for</b> list, the <b>Decrypt Assertions</b> parameter is also checked. The decryption is performed using the corresponding <b>Private Key</b>.</p>
|
||||
<p>Select the necessary algorithms from the lists:</p>
|
||||
<ul>
|
||||
<li><b>Signing Algorithm</b>: <code>rsa-sha1</code>, <code>rsa-sha256</code> or <code>rsa-sha512</code>.</li>
|
||||
<li><b>Default Decrypt Algorithm</b>: <code>aes128-cbc</code>, <code>aes256-cbc</code> or <code>tripledes-cbc</code>.</li>
|
||||
</ul>
|
||||
<p>You can edit or delete the added certificates using the corresponding link.</p>
|
||||
<h5>Attribute Mapping</h5>
|
||||
<p><b>Attribute Mapping</b> - this section allows you to set the correspondence of the fields in the <b>Accounts</b> section to the user attributes which will be returned from the IdP. When a user signs in to the ONLYOFFICE SP using the SSO credentials, ONLYOFFICE SP receives the required attributes and populates the full name and email address fields in the user account with the values received from the IdP. If the user does not exist in the Accounts section, it will be created automatically. If the user information has been changed on the IdP side, it will be updated in SP as well.</p>
|
||||
<div class="screen_block">
|
||||
<img alt="Enabling Single Sign-on in DocSpace" target="img5_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide174/sso4.png")%>" />
|
||||
<img alt="Enabling Single Sign-on in DocSpace" id="img5_eventcom_guides" class="bigphoto_screen" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/big/guide174/sso4.png")%>" />
|
||||
<div target="img5_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
<p>The available attributes are:</p>
|
||||
<ul>
|
||||
<li><b>First Name</b> (obligatory field) - an attribute in a user record that corresponds to the user's first name.</li>
|
||||
<li><b>Last Name</b> (obligatory field) - an attribute in a user record that corresponds to the user's second name.</li>
|
||||
<li><b>Email</b> (obligatory field) - an attribute in a user record that corresponds to the user's email address.</li>
|
||||
<li><b>Location</b> - an attribute in a user record that corresponds to the user's location.</li>
|
||||
<li><b>Title</b> - an attribute in a user record that corresponds to the user's title.</li>
|
||||
<li><b>Phone</b> - an attribute in a user record that corresponds to the user's phone number.</li>
|
||||
</ul>
|
||||
<h5>Advanced Settings</h5>
|
||||
<p>The <b>Hide auth page</b> option allows you to hide the default authentication page and automatically redirect to the SSO service.</p>
|
||||
<div class="notehelp nh_important"><span class="important_notice_label">Important</span>If you need to restore the default authentication page (to be able to access DocSpace if you your IDP server fails), you can add the <code>/Auth.aspx?skipssoredirect=true</code> key after the domain name of your DocSpace in the browser address bar.</div>
|
||||
<p>When all the settings are specified in your DocSpace, click the <b>Save</b> button. The <b>ONLYOFFICE SP Metadata</b> section will open.</p>
|
||||
<h2 id="RegisterSP">Registering ONLYOFFICE as a trusted Service Provider in your Identity Provider</h2>
|
||||
<p>Now you need to add ONLYOFFICE as a trusted Service Provider in your IdP account specifying the ONLYOFFICE SP metadata in the IdP.</p>
|
||||
<p>To receive necessary data, refer to the <b>ONLYOFFICE SP Metadata</b> section of the <b>Single Sign-on</b> page. Verify that the SP data is publicly accessible. To do that, click the <b>Download SP Metadata XML</b> button. The XML file contents will be displayed in a new browser tab. Save the data as an XML file to be able to upload it to the IdP.</p>
|
||||
<p>Alternatively, you can manually copy separate parameters clicking the <img alt="Copy icon" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide174/copyicon.png")%>" /> button in the corresponding fields.</p>
|
||||
<div class="screen_block">
|
||||
<img alt="Enabling Single Sign-on in DocSpace" target="img6_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide174/sso5.png")%>" />
|
||||
<img alt="Enabling Single Sign-on in DocSpace" id="img6_eventcom_guides" class="bigphoto_screen" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/big/guide174/sso5.png")%>" />
|
||||
<div target="img6_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
<p>The following parameters are available:</p>
|
||||
<ul>
|
||||
<li><b>SP Entity ID</b> (link to metadata XML) - the Service Provider XML URL address which can be downloaded and used by the Identity Provider to unequivocally identify the SP. By default, the file is located at the following address: <span class="param-type">http://example.com/sso/metadata</span> where example.com is your ONLYOFFICE DocSpace domain name or public IP.</li>
|
||||
<li><b>SP Assertion Consumer URL</b> (support POST and Redirect binding) - the Service Provider URL address where it receives and processes assertions from the Identity Provider. By default, the following address is used: <span class="param-type">http://example.com/sso/acs</span> where example.com is your ONLYOFFICE DocSpace domain name or public IP.</li>
|
||||
<li><b>SP Single Logout URL</b> (support POST and Redirect binding) - the URL used for the single logout on the Identity Provider side. It is the endpoint address in your SP where it receives and processes logout requests/responses from the Identity Provider. By default, the following address is used: <span class="param-type">http://example.com/sso/slo/callback</span> where example.com is your ONLYOFFICE DocSpace domain name or public IP.</li>
|
||||
</ul>
|
||||
<div class="notehelp">These parameters and XML contents differ depending on you DocSpace configuration, e.g. if you specify a domain name, the parameters will also be changed and you will need to reconfigure your IdP.</div>
|
||||
<h2 id="LogIn">Logging in to the ONLYOFFICE SP</h2>
|
||||
<p>After the SSO is enabled and configured, the logging in process is performed in the following way:</p>
|
||||
<ol>
|
||||
<li>A user requests access to ONLYOFFICE by clicking the <b>Single Sign-on</b> button (the caption may differ if you have specified your own text when configuring ONLYOFFICE SP) at the ONLYOFFICE DocSpace Authentication page (SP-initiated SSO).</li>
|
||||
<li>If all the IdP and SP settings are set correctly, ONLYOFFICE sends the authentication request to the IdP and redirects the user to the IdP page where he/she is asked for credentials.</li>
|
||||
<li>If the user is not already logged in to the IdP, he/she provides credentials in the IdP.</li>
|
||||
<li>IdP creates the authentication response that contains user data and sends it to ONLYOFFICE.</li>
|
||||
<li>ONLYOFFICE receives the authentication response from the Identity Provider and validates it.</li>
|
||||
<li>If the response is validated, ONLYOFFICE allows the user to log in (the user will be created automatically if missing, or the data will be updated if changed in the IdP).</li>
|
||||
</ol>
|
||||
<p>It's also possible to use the sign-in page on the Identity Provider side (IdP-initiated SSO), enter credentials and then access the ONLYOFFICE DocSpace without re-authentication.</p>
|
||||
<h2 id="LogOut">Logging out from the ONLYOFFICE SP</h2>
|
||||
<p>Logout can be made using 2 available ways:</p>
|
||||
<ol>
|
||||
<li>From ONLYOFFICE DocSpace using the <b>Sign Out</b> menu (in this case the request will be sent from IdP to logout). The user should also be automatically logged out from the IdP in case he/she is logged out from all other applications previously accessed via SSO authentication.</li>
|
||||
<li>From the IdP logout page.</li>
|
||||
</ol>
|
||||
<h2 id="EditUserProfile">Editing user profiles created using SSO</h2>
|
||||
<p>The users created using the SSO authentication are marked with the <b>SSO</b> icon in the user list for the DocSpace administrator.</p>
|
||||
<p>The possibility to edit such user profiles in the Accounts section is restricted. The user profile fields that have been created using the SSO authentication are disabled for editing from the Accounts section. The user data can be changed on the IdP side only.</p>
|
||||
</div>
|
||||
</div>
|
||||
@ -0,0 +1,98 @@
|
||||
<%@ Control Language="C#" Inherits="BaseContentUserControls"%>
|
||||
<%@ Register Namespace="TeamLab.Controls" Assembly="__Code" TagPrefix="cc" %>
|
||||
|
||||
<script runat="server">
|
||||
protected override void Init()
|
||||
{
|
||||
PageTitle = PageCaption = "Using two-factor authentication in DocSpace";
|
||||
MetaKeyWords = "two-factor authentication, configuration, sms, security";
|
||||
MetaDescription = "Enable two-factor authentication to ensure more secure DocSpace access.";
|
||||
|
||||
var guides = new GuidesModel();
|
||||
|
||||
(Page as BasePage).Guides = guides;
|
||||
}
|
||||
|
||||
|
||||
</script>
|
||||
|
||||
|
||||
<div class="MainHelpCenter">
|
||||
<h1 class="subHeaderFeaturesCaption Guides_Video_Captions">Using two-factor authentication in DocSpace</h1>
|
||||
<%--<div class="keyword_block">
|
||||
<ul>
|
||||
<li><cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/Tags/two-step-verification/two-step-verification.ascx" /></li>
|
||||
</ul>
|
||||
</div>--%>
|
||||
<div class="video_ground video_trips">
|
||||
<h2 id="introduction">Introduction</h2>
|
||||
<div class="block_of_step">
|
||||
<div class="screen_text">
|
||||
<p>Wish to protect the data stored in your DocSpace and prevent any unauthorized access? Then make use of an extra security level enabling two-factor authentication. In this case if someone decides to hack into your ONLYOFFICE DocSpace account even having your password he will need your phone to access it. This guide will explain how it works and how to enable this option.</p>
|
||||
<p>Currently, you can enable two-step verification with <b>authenticator apps</b>.</p>
|
||||
<div class="notehelp">To enable two-factor authentication you must be the DocSpace owner or administrator.</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<h2 id="step1"><span class="style_step"></span>Enable two-factor authentication</h2>
|
||||
<div class="block_of_step">
|
||||
<div class="screen_text">
|
||||
<p>To set up two-factor authentication,</p>
|
||||
<ol>
|
||||
<li>Use the <img alt="Options icon" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/GettingStarted/dsoptionsicon.png")%>" /> menu in the lower left corner and select the <b>DocSpace Settings</b> option.</li>
|
||||
<li>In the DocSpace settings, open the <b>Security</b> section on the left.</li>
|
||||
<li>Go to the <b>Two-factor authentication</b> section.</li>
|
||||
<li>Click the <b>By authenticator app</b> radio button to use an authenticator app.</li>
|
||||
<li>Click the <b>Save</b> button below the <b>Two-factor authentication</b> section.</li>
|
||||
</ol>
|
||||
</div>
|
||||
<div class="screen_block">
|
||||
<img alt="Using two-factor authentication in DocSpace" target="img3_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide173/step2.png")%>" />
|
||||
<img alt="Using two-factor authentication in DocSpace" id="img3_eventcom_guides" class="bigphoto_screen" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/big/guide173/step2.png")%>" />
|
||||
<div target="img3_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
<div class="screen_text">
|
||||
<p>That's all. Two-factor authentication is enabled.</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<h2 id="step2"><span class="style_step"></span>Access your DocSpace account using an authenticator app</h2>
|
||||
<div class="block_of_step">
|
||||
<div class="screen_text">
|
||||
<p>When two-factor authentication with an authenticator app is enabled, signing in to your DocSpace account will include two steps:</p>
|
||||
<ul>
|
||||
<li><b>Step 1</b> - Enter your credentials: email and password as usual.</li>
|
||||
<li><b>Step 2</b> - Enter a six-digit verification code or a backup code generated by the authenticator app.</li>
|
||||
</ul>
|
||||
<p>To access your DocSpace for the first time after enabling two-factor authentication:</p>
|
||||
<ol>
|
||||
<li>Enter your regular credentials to access DocSpace. The QR code and your secret key are displayed at your DocSpace login confirmation page.
|
||||
<div class="screen_block">
|
||||
<img alt="Using two-factor authentication in DocSpace" target="img5_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide173/step4.png")%>" />
|
||||
<img alt="Using two-factor authentication in DocSpace" id="img5_eventcom_guides" class="bigphoto_screen" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/big/guide173/step4.png")%>" />
|
||||
<div target="img5_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
</li>
|
||||
<li>Install an authenticator app on your mobile device. You can use <b>Google Authenticator</b> for <a target="_blank" href="https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2">Android</a> and <a target="_blank" href="https://itunes.apple.com/app/google-authenticator/id388497605">iOS</a> or <b>Authenticator</b> for <a target="_blank" href="https://www.microsoft.com/en-us/p/authenticator/9wzdncrfj3rj?rtc=1&activetab=pivot%3Aoverviewtab">Windows Phone</a>.</li>
|
||||
<li>Open the authenticator app on your mobile device and configure it in one of the following ways:
|
||||
<ul>
|
||||
<li>Scan the QR code displayed in the browser, or</li>
|
||||
<li>Manually enter your secret key displayed in the browser,</li>
|
||||
</ul>
|
||||
</li>
|
||||
<li>At your DocSpace login confirmation page, enter a 6-digit code generated by your application,</li>
|
||||
<li>Click the <b>Connect app</b> button.</li>
|
||||
</ol>
|
||||
<p>On your profile page, the <b>Login settings</b> section will be available. Click <b>Show backup codes</b>, to open the backup codes in a new window. You can use the backup codes when you don't have access to your mobile device. Print the backup codes clicking the corresponding button and use them when necessary. To get new codes you can use the <b>Request new</b> button. Only codes which was generated last are valid. It's also possible to reset the application using the <b>Reset application</b> link and then connect a new authenticator app.</p>
|
||||
|
||||
<p>When you access your account for the next time, you will be asked for your email and password as well as for a verification code. You can use either a code generated by the application or a backup code.</p>
|
||||
<div class="screen_block">
|
||||
<img alt="Using two-factor authentication in DocSpace" target="img6_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide173/step4_2.png")%>" />
|
||||
<img alt="Using two-factor authentication in DocSpace" id="img6_eventcom_guides" class="bigphoto_screen" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/big/guide173/step4_2.png")%>" />
|
||||
<div target="img6_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
@ -6,7 +6,7 @@
|
||||
{
|
||||
PageTitle = PageCaption = "Using two-factor authentication";
|
||||
MetaKeyWords = "two-factor authentication, configuration, sms, security";
|
||||
MetaDescription = "Enable the two-factor authentication to ensure more secure portal access.";
|
||||
MetaDescription = "Enable two-factor authentication to ensure more secure portal access.";
|
||||
|
||||
var guides = new GuidesModel();
|
||||
|
||||
@ -28,11 +28,11 @@
|
||||
<h2 id="introduction">Introduction</h2>
|
||||
<div class="block_of_step">
|
||||
<div class="screen_text">
|
||||
<p>Wish to protect the data stored on your portal and prevent any unauthorized access? Then make use of an extra security level enabling the two-factor authentication. In this case if someone decides to hack into your ONLYOFFICE account even having your password he will need your phone to access it. This guide will explain how it works and how to enable this option.</p>
|
||||
<p>Wish to protect the data stored on your portal and prevent any unauthorized access? Then make use of an extra security level enabling two-factor authentication. In this case if someone decides to hack into your ONLYOFFICE account even having your password he will need your phone to access it. This guide will explain how it works and how to enable this option.</p>
|
||||
<p>For the <b>SaaS version</b>, the SMS provider used on your portal is selected depending on the portal region: <b>smsc</b> is used for CIS, <b>Clickatell</b> and <b>Twilio</b> are used for all other regions. You can add available SMS providers in the <b>Settings</b> -> <b>Integration</b> -> <b>Third-Party Services</b> section.</p>
|
||||
<p>If you are using the <b>server version</b>, you first need to connect at least one SMS provider in the <b>Settings</b> -> <b>Integration</b> -> <b>Third-Party Services</b> section so that you can enable the <b>Two-factor authentication</b> option.</p>
|
||||
<p>It's also possible to enable the two-step verification with <b>authenticator apps</b>.</p>
|
||||
<div class="notehelp">To enable the two-factor authentication you must be the portal owner or full access administrator.</div>
|
||||
<p>It's also possible to enable two-step verification with <b>authenticator apps</b>.</p>
|
||||
<div class="notehelp">To enable two-factor authentication you must be the portal owner or full access administrator.</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
@ -74,10 +74,10 @@
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<h2 id="step2"><span class="style_step"></span>Enable the two-factor authentication</h2>
|
||||
<h2 id="step2"><span class="style_step"></span>Enable two-factor authentication</h2>
|
||||
<div class="block_of_step">
|
||||
<div class="screen_text">
|
||||
<p>To set up the two-factor authentication,</p>
|
||||
<p>To set up two-factor authentication,</p>
|
||||
<ol>
|
||||
<li>In the portal settings, go to the <b>Security</b> section and open the <b>Portal access</b> page.</li>
|
||||
<li>Go to the <b>Two-factor authentication</b> section and
|
||||
@ -95,7 +95,7 @@
|
||||
<div target="img3_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
<div class="screen_text">
|
||||
<p>That's all. The two-factor authentication is enabled.</p>
|
||||
<p>That's all. Two-factor authentication is enabled.</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
@ -103,13 +103,13 @@
|
||||
<h2 id="step3"><span class="style_step"></span>Access your online office account using SMS verification</h2>
|
||||
<div class="block_of_step">
|
||||
<div class="screen_text">
|
||||
<p>When the two-factor authentication with SMS is enabled, the sign-in to the online office account process will work a little bit differently and include two steps:</p>
|
||||
<p>When two-factor authentication with SMS is enabled, the sign-in to the online office account process will work a little bit differently and include two steps:</p>
|
||||
<ul>
|
||||
<li><b>Step 1</b> - Enter your credentials: email and password as usual.</li>
|
||||
<li><b>Step 2</b> - Enter a six-digit verification code received via SMS.</li>
|
||||
</ul>
|
||||
<div class="notehelp">The sent code is valid for 10 minutes. To resend a verification code, use the <b>Send code again</b> button, but no more often than 5 times per 5 minutes.</div>
|
||||
<p>When you access your online office account for the first time after enabling the two-factor authentication, you will need to perform one more step: <b>Specify the phone number</b> you wish the SMS to be sent at. If necessary, you will be able to change it later at any moment on your profile page.</p>
|
||||
<p>When you access your online office account for the first time after enabling two-factor authentication, you will need to perform one more step: <b>Specify the phone number</b> you wish the SMS to be sent at. If necessary, you will be able to change it later at any moment on your profile page.</p>
|
||||
</div>
|
||||
<div class="screen_block">
|
||||
<img alt="How to use two-factor authentication on portals?" target="img4_eventcom_guides" class="screenphoto screen_guides" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/Guides/small/guide69/step3.png")%>" />
|
||||
@ -117,7 +117,7 @@
|
||||
<div target="img4_eventcom_guides" class="screenphoto magnifier"></div>
|
||||
</div>
|
||||
<div class="screen_text">
|
||||
<p>To make the sign-in process more simple, your online office offers the possibility to remember that a particular browser was already successfully used for the two-factor authentication. So when you access your account for the second time using the same browser, it will ask you for your email and password only. But if you or someone else try to access your account from any other computer or browser, the verification code will be required. So your account will still be protected. The verification code will be also required when the two-factor authentication cookie has expired or if you decide to delete cookies from your browser.</p>
|
||||
<p>To make the sign-in process more simple, your online office offers the possibility to remember that a particular browser was already successfully used for two-factor authentication. So when you access your account for the second time using the same browser, it will ask you for your email and password only. But if you or someone else try to access your account from any other computer or browser, the verification code will be required. So your account will still be protected. The verification code will be also required when two-factor authentication cookie has expired or if you decide to delete cookies from your browser.</p>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
@ -125,12 +125,12 @@
|
||||
<h2 id="step4"><span class="style_step"></span>Access your online office account using an authenticator app</h2>
|
||||
<div class="block_of_step">
|
||||
<div class="screen_text">
|
||||
<p>When the two-factor authentication with an authenticator app is enabled, the sign-in to the online office account process will work a little bit differently and include two steps:</p>
|
||||
<p>When two-factor authentication with an authenticator app is enabled, the sign-in to the online office account process will work a little bit differently and include two steps:</p>
|
||||
<ul>
|
||||
<li><b>Step 1</b> - Enter your credentials: email and password as usual.</li>
|
||||
<li><b>Step 2</b> - Enter a six-digit verification code or a backup code generated by the authenticator app.</li>
|
||||
</ul>
|
||||
<p>To access the portal for the first time after enabling the two-factor authentication:</p>
|
||||
<p>To access the portal for the first time after enabling two-factor authentication:</p>
|
||||
<ol>
|
||||
<li>Enter your regular credentials to access the portal. The QR code and your secret key are displayed at your portal login confirmation page.
|
||||
<div class="screen_block">
|
||||
@ -151,7 +151,7 @@
|
||||
</ol>
|
||||
<p>Then you will be redirected to your profile page where the backup codes will be displayed in a new window. You can use the backup codes when you don't have access to your mobile device. Print the backup codes clicking the corresponding button and use them when necessary. To get new codes you can use the <b>Request new</b> button. Only codes which was generated last are valid. It's also possible to connect a new authenticator app using the corresponding link at your profile page.</p>
|
||||
|
||||
<p>When you access your account for the next time, you will be asked you for your email and password as well as for a verification code. You can use either a code generated by the application or a backup code.</p>
|
||||
<p>When you access your account for the next time, you will be asked for your email and password as well as for a verification code. You can use either a code generated by the application or a backup code.</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
@ -0,0 +1,51 @@
|
||||
<%@ control language="C#" inherits="BaseContentUserControls" %>
|
||||
<%@ register namespace="TeamLab.Controls" assembly="__Code" tagprefix="cc" %>
|
||||
<script runat="server">
|
||||
protected override void Init()
|
||||
{
|
||||
PageTitle = "Managing Active sessions in DocSpace";
|
||||
MetaKeyWords = "Active connections, DocSpace";
|
||||
MetaDescription = "Logged into your DocSpace from another device, but then forgot to log out? You can manually close a specific active session.";
|
||||
}
|
||||
</script>
|
||||
|
||||
<div class="main_buscall_container dataBackup">
|
||||
<div class="MainHelpCenter">
|
||||
<h1 class="subHeaderFeaturesCaption TipsCaption">Managing Active sessions in DocSpace</h1>
|
||||
|
||||
<p>Logged into your DocSpace from another device, but then forgot to log out? You can manually close a specific active session.</p>
|
||||
<div class="notehelp">
|
||||
The list of active connections is available only for <b>your profile</b>, and only connections of <b>your profile</b> can be logged out.
|
||||
</div>
|
||||
<h2>Closing a particular session</h2>
|
||||
<ol class="instructions">
|
||||
<li>Click the <img alt="Options icon" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/GettingStarted/dsoptionsicon.png")%>" /> icon next to your name in the lower left corner and select the <b>Profile</b> option or just click your name.</li>
|
||||
<li>On the <b>My profile</b> page, find the <b>Active Sessions</b> section. You will see the list of all your active connections which contains the following data: operating system, browser, date and time, IP address.
|
||||
<p><img alt="Active connections list" src="<%=VirtualPathUtility.ToAbsolute("~/images/help/tipstricks/DocSpace/activeconnections.png")%>" /></p>
|
||||
</li>
|
||||
<li>Find the needed connection and click on the
|
||||
<img alt="Close section icon" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/GettingStarted/dscloseconnection.png")%>" />
|
||||
icon located on the right.</li>
|
||||
<li>Click <b>Log out</b> to confirm the action.
|
||||
<p><img alt="Closing a particular session" src="<%=VirtualPathUtility.ToAbsolute("~/images/help/tipstricks/DocSpace/logout.png")%>" /></p>
|
||||
</li>
|
||||
</ol>
|
||||
<p>The selected connection will be stopped and excluded from the list.</p>
|
||||
|
||||
<h2>Closing all active connections</h2>
|
||||
<ol>
|
||||
<li>Click the <img alt="Options icon" src="<%=VirtualPathUtility.ToAbsolute("~/images/Help/GettingStarted/dsoptionsicon.png")%>" /> icon next to your name in the lower left corner and select the <b>Profile</b> option or just click your name.</li>
|
||||
<li>On the <b>My profile</b> page, find the <b>Active Sessions</b> section.</li>
|
||||
<li>Click the <b>Log out from all active sessions</b> option.</li>
|
||||
<li>The <b>Log out from all active connections</b> window will appear:
|
||||
<p><img alt="Log out from all active connections" src="<%=VirtualPathUtility.ToAbsolute("~/images/help/tipstricks/DocSpace/logout_activeconnections.png")%>" /></p>
|
||||
<ul>
|
||||
<li>For more security, you can check the <b>Change password after logging out</b> box. </li>
|
||||
<li>Click the <b>Log out </b> button.</li>
|
||||
</ul>
|
||||
</li>
|
||||
</ol>
|
||||
<p>All connection excepting the current one will be stopped and excluded from the list. If you checked the <b>Change password after logging out</b> option, you will be logged out from all connections and prompted to create a new password. After creating a new password, you will need to enter your credentials to log in to your DocSpace.</p>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
21
Web/administration/docspace-active-connections.aspx
Normal file
21
Web/administration/docspace-active-connections.aspx
Normal file
@ -0,0 +1,21 @@
|
||||
<%@ Page Title="" Language="C#" MasterPageFile="~/Masters/Administration/AdministrationArticles.master" %>
|
||||
<%@ Register Namespace="TeamLab.Controls" Assembly="__Code" TagPrefix="cc" %>
|
||||
|
||||
<asp:Content ID="Content4" ContentPlaceHolderID="pagebodyidpage" runat="Server">
|
||||
<body class="administration_guides_docspace">
|
||||
</asp:Content>
|
||||
<asp:Content ID="Content1" ContentPlaceHolderID="content" runat="Server">
|
||||
<cc:localizecontent runat="Server" controlname="~/Controls/Help/TipsTricks/DocSpace/DocSpaceActiveConnections/DocSpaceActiveConnections.ascx" />
|
||||
</asp:Content>
|
||||
<asp:Content ID="content2" ContentPlaceHolderID="leftmenupage" runat="server">
|
||||
<div class="administrationdocspacepage general">
|
||||
<%--<div id="SeeAlsoBlockLinks">
|
||||
<div class="caption guides one">
|
||||
<cc:localizecontent runat="Server" controlname="~/Controls/Help/ArticlesCompleteList/Guides/154_sharing-documents-personal.ascx" />
|
||||
</div>
|
||||
<div class="caption tips">
|
||||
<cc:localizecontent runat="Server" controlname="~/Controls/Help/ArticlesCompleteList/TipsTricks/176_document-versions-personal.ascx" />
|
||||
<cc:localizecontent runat="Server" controlname="~/Controls/Help/ArticlesCompleteList/TipsTricks/178_available-languages-personal/178_available-languages-personal.ascx" />
|
||||
</div>
|
||||
</div>--%>
|
||||
</asp:Content>
|
||||
@ -9,7 +9,6 @@
|
||||
<cc:localizecontent id="LocalizeContent" runat="Server" controlname="~/Controls/Help/VariousControls/TopControls/DocumentsTop/DocumentsTop.ascx" />
|
||||
</asp:Content>
|
||||
<asp:Content ID="Content4" ContentPlaceHolderID="content" runat="Server">
|
||||
<div id="outOfDate" style="display: none;"></div>
|
||||
<cc:localizecontent runat="Server" controlname="~/Controls/Help/GettingStarted/Docspace/DocSpaceSettings.ascx" />
|
||||
</asp:Content>
|
||||
<asp:Content ID="content5" ContentPlaceHolderID="leftmenupage" runat="server">
|
||||
|
||||
24
Web/administration/docspace-sso-settings.aspx
Normal file
24
Web/administration/docspace-sso-settings.aspx
Normal file
@ -0,0 +1,24 @@
|
||||
<%@ Page Title="" Language="C#" MasterPageFile="~/Masters/Administration/AdministrationArticles.master" %>
|
||||
<%@ Register Namespace="TeamLab.Controls" Assembly="__Code" TagPrefix="cc" %>
|
||||
<asp:Content ID="Content4" ContentPlaceHolderID="pagebodyidpage" runat="Server">
|
||||
<body class="administration_guides_docspace">
|
||||
</asp:Content>
|
||||
|
||||
<asp:Content ID="Content2" ContentPlaceHolderID="content" runat="Server">
|
||||
<cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/Guides/General/DocSpaceSSODescription/DocSpaceSSODescription.ascx" />
|
||||
</asp:Content>
|
||||
<asp:Content ID="content1" ContentPlaceHolderID="leftmenupage" runat="server">
|
||||
<div class="administrationdocspacepage general">
|
||||
<%--<div id="SeeAlsoBlockLinks">
|
||||
<div class="caption gs">
|
||||
<cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/ArticlesCompleteList/GettingStarted/070_configuration.ascx" />
|
||||
<cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/ArticlesCompleteList/GettingStarted/069_people.ascx" />
|
||||
</div>
|
||||
<div class="caption guides one">
|
||||
<cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/ArticlesCompleteList/Guides/033_become-translator.ascx" />
|
||||
</div>
|
||||
<div class="caption tips one">
|
||||
<cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/ArticlesCompleteList/TipsTricks/060_available-languages/060_available-languages.ascx" />
|
||||
</div>
|
||||
</div>--%>
|
||||
</asp:Content>
|
||||
19
Web/administration/docspace-two-factor-authentication.aspx
Normal file
19
Web/administration/docspace-two-factor-authentication.aspx
Normal file
@ -0,0 +1,19 @@
|
||||
<%@ Page Title="" Language="C#" MasterPageFile="~/Masters/Administration/AdministrationArticles.master" %>
|
||||
<%@ Register Namespace="TeamLab.Controls" Assembly="__Code" TagPrefix="cc" %>
|
||||
<asp:Content ID="Content4" ContentPlaceHolderID="pagebodyidpage" runat="Server">
|
||||
<body class="administration_guides_docspace">
|
||||
</asp:Content>
|
||||
|
||||
<asp:Content ID="Content1" ContentPlaceHolderID="content" runat="Server">
|
||||
<div id="outOfDate" style="display: none;"></div>
|
||||
<cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/Guides/General/DocSpaceTFAuth/DocSpaceTFAuth.ascx" />
|
||||
|
||||
</asp:Content>
|
||||
<asp:Content ID="content2" ContentPlaceHolderID="leftmenupage" runat="server">
|
||||
<div class="administrationdocspacepage general">
|
||||
<%--<div id="SeeAlsoBlockLinks">
|
||||
<div class="caption gs one">
|
||||
<cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/ArticlesCompleteList/GettingStarted/070_configuration.ascx" />
|
||||
</div>
|
||||
</div>--%>
|
||||
</asp:Content>
|
||||
BIN
Web/images/Help/GettingStarted/dscloseconnection.png
Normal file
BIN
Web/images/Help/GettingStarted/dscloseconnection.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 1018 B |
BIN
Web/images/Help/Guides/big/guide173/step2.png
Normal file
BIN
Web/images/Help/Guides/big/guide173/step2.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 20 KiB |
BIN
Web/images/Help/Guides/big/guide173/step4.png
Normal file
BIN
Web/images/Help/Guides/big/guide173/step4.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 19 KiB |
BIN
Web/images/Help/Guides/big/guide173/step4_2.png
Normal file
BIN
Web/images/Help/Guides/big/guide173/step4_2.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 11 KiB |
BIN
Web/images/Help/Guides/big/guide174/sso1.png
Normal file
BIN
Web/images/Help/Guides/big/guide174/sso1.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 26 KiB |
BIN
Web/images/Help/Guides/big/guide174/sso2.png
Normal file
BIN
Web/images/Help/Guides/big/guide174/sso2.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 22 KiB |
BIN
Web/images/Help/Guides/big/guide174/sso3.png
Normal file
BIN
Web/images/Help/Guides/big/guide174/sso3.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 19 KiB |
BIN
Web/images/Help/Guides/big/guide174/sso4.png
Normal file
BIN
Web/images/Help/Guides/big/guide174/sso4.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 17 KiB |
BIN
Web/images/Help/Guides/big/guide174/sso5.png
Normal file
BIN
Web/images/Help/Guides/big/guide174/sso5.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 31 KiB |
BIN
Web/images/Help/Guides/big/guide174/sso6.png
Normal file
BIN
Web/images/Help/Guides/big/guide174/sso6.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 21 KiB |
BIN
Web/images/Help/Guides/small/guide173/step2.png
Normal file
BIN
Web/images/Help/Guides/small/guide173/step2.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 16 KiB |
BIN
Web/images/Help/Guides/small/guide173/step4.png
Normal file
BIN
Web/images/Help/Guides/small/guide173/step4.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 17 KiB |
BIN
Web/images/Help/Guides/small/guide173/step4_2.png
Normal file
BIN
Web/images/Help/Guides/small/guide173/step4_2.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 8.4 KiB |
BIN
Web/images/Help/Guides/small/guide174/arrowicon.png
Normal file
BIN
Web/images/Help/Guides/small/guide174/arrowicon.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 961 B |
BIN
Web/images/Help/Guides/small/guide174/copyicon.png
Normal file
BIN
Web/images/Help/Guides/small/guide174/copyicon.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 937 B |
BIN
Web/images/Help/Guides/small/guide174/sso1.png
Normal file
BIN
Web/images/Help/Guides/small/guide174/sso1.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 22 KiB |
BIN
Web/images/Help/Guides/small/guide174/sso2.png
Normal file
BIN
Web/images/Help/Guides/small/guide174/sso2.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 18 KiB |
BIN
Web/images/Help/Guides/small/guide174/sso3.png
Normal file
BIN
Web/images/Help/Guides/small/guide174/sso3.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 15 KiB |
BIN
Web/images/Help/Guides/small/guide174/sso4.png
Normal file
BIN
Web/images/Help/Guides/small/guide174/sso4.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 17 KiB |
BIN
Web/images/Help/Guides/small/guide174/sso5.png
Normal file
BIN
Web/images/Help/Guides/small/guide174/sso5.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 23 KiB |
BIN
Web/images/Help/Guides/small/guide174/sso6.png
Normal file
BIN
Web/images/Help/Guides/small/guide174/sso6.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 17 KiB |
BIN
Web/images/Help/TipsTricks/DocSpace/activeconnections.png
Normal file
BIN
Web/images/Help/TipsTricks/DocSpace/activeconnections.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 8.6 KiB |
BIN
Web/images/Help/TipsTricks/DocSpace/logout.png
Normal file
BIN
Web/images/Help/TipsTricks/DocSpace/logout.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 3.8 KiB |
BIN
Web/images/Help/TipsTricks/DocSpace/logout_activeconnections.png
Normal file
BIN
Web/images/Help/TipsTricks/DocSpace/logout_activeconnections.png
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 6.3 KiB |
Loading…
Reference in New Issue
Block a user