During the implementation, you have several choices when it comes to configuring authentication for your users.
1- Single Sign-On
Rapptr can be configured to use your company’s Single Sign-On (SSO) feature. This means that your users will first log in to your company’s authentication platform (e.g. Active Directory) before accessing Rapptr.
This has several advantages, such as letting you manage the password policy of your users, or reducing the number of passwords your users need to manage.
Information on how to implement Single Sign-On is available here
2- Two Factor Authentication
If you do not wish to implement SSO you can rely on Rapptr internal passwords and add a second authentication factor (e.g. a 6 digit number which can be used within 30 seconds).
Information on two-factor authentication is available here
3- Rapptr Passwords
If you’re not using SSO you will at least be using passwords managed within Rapptr.
Passwords are set by users upon their first connection, following an invitation sent by an administrator.
- Passwords must be at least 8 characters long
- Passwords must have at least 3 of the 4 character groups (0-9, a-z, A-Z, and special characters).
- Users need to reset their passwords after 6 unsuccessful attempts.
FundApps doesn’t enforce automatic password expiry, in line with National Institute of Standards and Technology (NIST) special publication guidelines on Digital Identities: “Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically)". Please read NIST Special Publication 800-63B for more information.
Users can reset their own passwords by choosing the “Forgot your password?” link on the login page. An invitation will be sent to their inbox requiring them to change their password.
Information on tackling issues with logins can be found here .
Nota Bene: API users can only use Rapptr passwords.