Skip to main content

Additional login security

Updated over 3 months ago

Info

These features are only available with Standard plan subscriptions. Visit the Subscriptions menu to manage your plan.

By default, all companies have No additional security required as the predefined option. Companies with a Standard subscription can choose either to Restrict login to approved domains only (Approved domains) or to Integrate with a third-party workspace for login (Third-party login), but not both simultaneously. Read on to learn more about both options.

Approved domains

Approved email domains let administrators control which email domains can be used for creating user accounts in their company. This security feature ensures that only users with email addresses from trusted domains can join the company workspace. When no domains are specified, the system allows all email domains.

Step-by-step guide to configure approved domains:

1. Access settings

Navigate to the gear icon (⚙) | Company Security | Additional login security and select the Restrict login to approved domains only option.

e11.jpg

2. Add domain

Enter the domain name in the field.

b11.jpg

Tip

You can enter either full domain names like "example.com" or specific subdomains like "sub.example.com".

Note

When configuring approved domains, the system will display warnings for any existing users with email addresses from non-approved domains. These users will be marked with a warning indicator in the system, allowing administrators to review and manage such cases as needed.

3. Save

Press Enter on your keyboard to save your changes.

c11.jpg

Success

After configuration, only users with email addresses from approved domains can access the platform. The system automatically records all approved domain changes in the Platform users audit log. To prevent accidental lockouts, company administrators can always log in and manage domain settings regardless of their email domain.

Info

When inviting new users to your company workspace, the system automatically checks if the invited user's email domain is on the approved list. If the domain is not approved, the invitation will be blocked, and the inviter will receive a notification explaining why the invitation cannot be processed.

Step-by-step guide to remove an approved domain:

1. Access settings

Navigate to the gear icon (⚙) | Company Security | Additional login security.

d11.jpg

2. Delete the domain from the list

In the field where you enter domains, to remove an already added domain, click the cross (✖) button next to it.

d111.jpg

Success

The previously approved domain has been removed. When no domains are specified, accounts can be created with email addresses from any domain, and users can log in from any email address.

Third-party login

CargoX provides secure sign-in options through Microsoft and Google, allowing users to access the platform with their existing enterprise credentials for a seamless authentication experience.

The system uses OAuth 2.0 protocol for authentication, ensuring secure token handling and user verification. Your enterprise credentials are never stored on CargoX servers.

Step-by-step guide to connect the third-party login:

1. Access settings

Navigate to the gear icon (⚙) | Company Security | Additional login security and select the Integrate with third-party workspace for login option.

f11.jpg

2. Select provider

Select either Login with Google or Login with Microsoft to connect and click on the Enable third-party login button.

g11.jpg

Note

You can only connect one workspace at a time—either Google or Microsoft.

3. Authenticate

Follow the authentication process to link your enterprise workspace.

Success

Third-party login has been successfully activated. The system automatically records all third-party login configuration changes in the Platform users audit log.

A CargoX account is required before using third-party login. When new users join, they will receive an activation email and must accept CargoX's Terms & Conditions. Company administrators have the flexibility to disable third-party login at any time.

Warning

When third-party login is enabled, it becomes the required login method for all users in your company.

Step-by-step guide to logging in with third-party authentication:

1. Email sign-in

Enter your email address on the CargoX login page.

Info

The system automatically detects if your company uses Microsoft 365 or Google authentication.

2. Authentication

You will be redirected to your company's authentication provider. Once verified, you will automatically return to the CargoX platform and be logged in.

Help

If you encounter any issues with third-party login, please contact your company administrator or CargoX support at support@cargox.io for assistance.

Did this answer your question?