Configuring authentication methods
Enable password and two-factor authentication policies for maximum security. Generally, you’ll want to set these policies at the realm level, where they will be applied to all accounts including realm administrator accounts. Just be aware that enabling a password policy automatically logs out all users from the system. You can enable individual, non-realm administrator accounts to override some aspects of realm authentication policies, if needed.
When two-factor authentication is enabled, users will need to enter a random, auto-generated passcode in addition to their login credentials. Users can choose to receive passcodes through email, text messaging (SMS), or a time-based one-time passcode (TOTP) application on their mobile device.
If you plan to use mobile messaging (SMS) as the loopback method, each administrator account must be configured with a mobile number.
To configure realm-wide authentication policies
1. Log in to the SAM using a realm administrator account.
2. Select Realm > Settings.
3. Optionally, enable the password policy. When enabled, you can configure these settings:
– Expiration time in days.
– Number of failed login attempts before locking out the user.
– Minimum password length.
4. Optionally, specify how long inactive sessions will remain logged in.
5. Optionally, enable Support access.
6. Optionally, enable Rest API access.
7. Optionally, enable two-factor authentication.
To configure authentication for an individual account
1. Log in to the SAM using a realm administrator account.
2. Select Admins.
3. Select the account.
4. Select the Authentication tab.
5. Optionally, set two-factor authentication to use the realm setting, always on regardless of realm setting, or never on regardless of realm setting.
6. Optionally, enable Override realm session expiration time. When enabled, this user’s session will always remain active.
7. Optionally, change the account password.
Auditing login activity
SAM records login activity, and realm administrators can monitor this activity across their realm by downloading audit logs.
To download audit logs
1. Log in to the SAM using a realm administrator account.
2. Select Realm > Audit logs.
3. Click Download audit logs.
4. Open the compressed file to view the logs.