By default, only e-mail and password authentication is required for logins to Devo domains. However, to implement stricter policies for user authentication, you can enable one of the following methods for your domain in the Authentication tab of the Preferences → Domain Preferences area.
- Password - This is the standard way of logging in using your e-mail and password, and is selected by default. Additionally, you can activate multi-factor authentication (MFA) to add an extra security layer to the e-mail/password credentials. After entering your e-mail and password, you will be prompted to enter a security code generated by an authentication app.
- SAML2 - SAML is an open standard that allows users to log in to the application through an identity provider (IdP).
- OpenID - Same as SAML, OpenID allows users to access an external IdP and authenticate to access Devo. OpenID is a lighter-weight protocol and requires explicit user consent to access as part of its communication flows.
At least one authentication method must always be selected. If you deactivate the default e-mail/password method, you must enable at least one other method.
You can activate several authentication methods in a domain, and users may access using the required one.
After logging in, if you switch to a domain in which the authentication method you used to log in to your current domain is not activated, you will be prompted to select one of the authentication methods activated in that domain.