Guide
Manage how your users sign in: via email+password, Google or Microsoft account, or SAML SSO (Okta, ActiveDirectory, etc.)
Once you invite Users into a Workspace, they can sign in using their preferred method:
Enabling and disabling authentication methods
If this variety is too much for your security standards, feel free to disable some of the methods:
Navigate to Settings in the sidebar and the Security.
Switch toggles on/off to configure allowed authentication methods.
When you limit the ways to sign in, the Workspace login page changes accordingly.
Signing in from the global login page
The Workspace settings don't affect the global login page though: it always sticks to the default methods and doesn't include SAML SSO.
A user is free to authenticate using any method and see the list of all Workspaces associated with their email address:
When the user picks a Workspace, this happens:
If the authorization method is allowed in a particular Workspace, the user is able to continue.
Otherwise, they are redirected to the Workspace login page.
Two-factor authentication (2FA)
Fibery doesn't support 2FA natively yet, but if your organization uses Google Suite, Microsoft O365, or another identity provider there is a solution:
Disable all authentication methods apart from your identity provider (ex. Google).
When inviting users, use their work emails linked to the identity provider (ex. @company.com emails hosted by Google Suite).
Enforce 2FA on the identity provider's side.
This way users can't bypass the 2FA when signing into Fibery.
Troubleshooting
Access to workspace is forbidden for
This error appears, if the User, that doesn't have access to this workspace, tries to log in. Please, make sure that you log in under the email, that is a Member of this workspace, and that your User is not deactivated.
Admin of your workspace has access to this data.