1. Home
  2. /Guides
  3. /Mobile Wallet
  4. /User guide
  5. /Account + Team + Security
  6. /Security
  7. /Manage Account Security Requirements

Manage Account Security Requirements

Set security requirements for Airship logins.

Changing security settings

 Note

  • Team Management Security settings are available to Enterprise customers only.
  • Only the company account owner can edit team security settings.
  • This information does not apply to accounts configured for Multi-factor authentication (MFA).

  1. Click   in the right side of the dashboard header, and select Team Management. If you are in Mobile Wallet Team Management, click the link to go to Team Management for Messaging, then continue with these steps.

  2. Click the Security tab and enable or disable settings:

    • Password Reset — Require password reset after 90 days of last password change.
    • Unique Password Requirement — New password cannot be one of the last 3 passwords.
    • Block Multiple Sessions — Ensures that only one session can be active at a time by logging out existing browser sessions upon a new login.

Setting up single sign-on (SSO)

Single sign-on (SSO) is a method of authentication where you use one set of credentials to access multiple accounts. If you already use SSO, you may add Airship as another service provider to enable members of your team to access your shared Airship projects without requiring dedicated credentials.

 Important

  • SSO is available for paid Airship pricing plans only. Please contact your account manager or Support to enable this feature if it is not already available for your account.

  • You must request your user metadata from your identity provider. It must be a standard SP (service provider) metadata XML file. You will upload this file in the steps below.

Configuring a SAML connection

You must configure a new SAML connection for Airship on your identity provider. Include an attribute statement for user email addresses, which Airship uses for authentication. In order for Airship to detect it, the attribute name must be set as http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress, not email or emailaddress alone.

Setting up SSO in Airship

Set up SSO in your Airship project:

  1. Click   in the right side of the Airship dashboard header and select Team Management. If you are in Mobile Wallet Team Management, click the link to go to Team Management for Messaging, then continue with these steps.

  2. Go to Single Sign-On.

  3. Under Identity provider (IDP) metadata, click Choose File and upload your metadata file.

  4. Under Service provider (SP) metadata, click Download SP Metadata.

  5. Note the ENTITY ID and SINGLE SIGN-ON WEB ADDRESS URLs on this screen. You will use them in later steps.

Next, give the SP metadata file to your identity provider, and include the ENTITY ID URL in case they require it.

Testing SSO

After your identity provider confirms Airship has been set up as a trusted company, have your users go to the SINGLE SIGN-ON WEB ADDRESS URL and test SSO login. If logins fail, contact Airship Support or your technical account manager for assistance.

Going live with SSO

Finally, contact Airship Support and tell them SSO login is successful for your company and they can complete setup for you. Support will:

  • Set SSO as a requirement for users to access the projects your account
  • Invalidate passwords for all users except the account owners and project administrators
  • Notify you that SSO configuration is complete