The system settings for managing data regarding Users and their accounts are complex; one setting may not fit every employee. In User Policies, you can set up specifications about logging-in options, sessions, password expiration, and much more. Then you assign each User wished User Policy that will apply to him.
Initial setup
Name – name of the policy, used only to differentiate between the policies
Active? – non-active policies will not be available to use
Authentication method – a method that can be used to authenticate each User. You can choose Password, LDAP, SAML, or a combination of them
General setup
Search users –
Expire user accounts after – time after which the inactive User will be deactivated
Notify days before expiration – how long before the expiration will the User be notified about his planned expiration
Notify daily – if checked, the notification about expiration will be sent every day, starting the day you set in the previous setting
Session timeout – after how much time of inactivity will the User be logged out
Max session time – after how much time the User will be logged out – even active User (the Users will be forced to log in e.g. every 5 hours)
Allow multiple sessions – if checked, the Users will be able to have multiple sessions in different devices or browsers at the same time (e.g. can be logged in on their computer and mobile phone at the same time. This causes less security)
Allowed editable fields –
Managed groups – Users assigned to this Policy will be able to manage Users associated with here specified Groups
Creates user with groups – when creating a User under this Policy, they will automatically be assigned to here specified Groups
User Locking
Maximum attempts login – maximum number of attempts to log in. After exceeding this amount, the User will be locked and Flowis administrator will have to unlock his account in the Users section
Lock the user account by –
Password Authentication
Enable 2FA authentication – if checked, new Users will have two-factor authentication turned on by default
Enforce 2FA authentication –
Allowed 2FA methods – either Google Authenticator, e-mail, or a combination of these two. Google Authenticator requires the User to have the application downloaded in his smartphone and paired with his Flowis account; E-mail authentication is great for those Users that do not own a smartphone
Expire user password after – time after which the User will be forced to change his password. The default is 90 days. If you do not want the passwords to expire, type 0.
SAML Authentication
This section sets up the SAML Authentication method. If needed, contact your IT administrator to set up this section for you.
LDAP Authentication
This section sets up the LDAP Authentication method. If needed, contact your IT administrator to set up this section for you.
Azure users
Contact your IT administrator to set up this section for you.
E-mail templates
Flowis can send Users e-mail notifications when something happens with their account. You can either select system templates for these notifications, or you can set up your own in the System E-mail Templates section in the left menu. You can set up e-mails for these situations:
- Initial password – when the User is asked to set up his first password ever – can be generated in Users using the “Send initial password link” bulk action
- New location – notification about a login from a new location
- Notify before expiration – notification about the password expiration will be sent in advance depending on the time frame you set up in the “General setup” section
- Password reset – when the User asks for password reset on the login screen or the Flowis administrator resets his password in the Users section using the “Send reset password link”
