Manage Gorgias account accessUpdated 4 days ago

Controlling how people access your helpdesk helps you keep your account secure and makes it easier to onboard your team. You can manage how users access Gorgias by enabling SSO, allowing auto-join for specified domains, and requiring two-factor authentication(2FA) for all accounts.

Requirements

• Google and Microsoft SSO is available on all Helpdesk plans. Custom SSO is available on Advanced and Enterprise plans.
• To set up SSO, you need to be an Admin in Gorgias

Enable or disable Single Sign-On (SSO)

You can set up Single Sign-on (SSO) with Google or Microsoft to allow your users to sign into Gorgias with their Google or Microsoft accounts instead of creating a unique password. If you use another Identity Provider — like Okta or JumpCloud — learn more about setting up custom SSO.

1. From your helpdesk, click the  Settings icon in the bottom-left corner.
2. In the menu, locate Account, then select Access management.
3. Under Single Sign-On (SSO), click the toggles to turn Google or Microsoft SSO ON or OFF.
4. Click Save changes.

Enforce SSO

Once you’ve enabled SSO, you can turn off email and password sign-in and only allow users to sign in with SSO. Enabling SSO enforcement will not end any active sessions, but the next time an agent tries to sign in, they’ll be required to use SSO.

1. From your helpdesk, click the  Settings icon in the bottom-left corner.
2. In the menu, locate Account, then select Access management.
3. Under SSO Enforcement, click the toggle to Require SSO for all users.
4. Click Enable.
5. Click Save changes.

Allow auto-join

Instead of manually inviting users to Gorgias, you can share an invite link with your team to allow them to create their own accounts. Users will need to sign up with an email address that matches the domains you specify.

1. From your helpdesk, click the  Settings icon in the bottom-left corner.
2. In the menu, locate Account, then select Access management.
3. Under Auto-join helpdesk, click the toggle to turn on Auto-join for approved email domains.
4. Enter the domains that are approved to create accounts in Gorgias.
5. Click Save changes.

Make 2FA mandatory

Two-factor authentication adds an extra layer of security to your user accounts by requiring them to use an authenticator app when signing in. Users in Gorgias can set up 2FA for their individual accounts, or admins can make it mandatory for all users. Once mandatory 2FA is enabled, any user who hasn’t set up 2FA will see a warning notifying them to enable it within 14 days. After 14 days, users won’t be able to use Gorgias until they’ve set up 2FA.

1. From your helpdesk, click the  Settings icon in the bottom-left corner.
2. In the menu, locate Account, then select Access management.
3. Under Two-Factor Authentication (2FA), click the toggle next to Require 2FA for all users to ON.
4. If you haven’t already set up 2FA on your own account, follow the on-screen prompts to set up your authenticator app. Be sure to save your recovery codes!
5. Set an Enforcement time.
6. Click Save changes.

To keep your data secure when 2FA isn’t enabled, Gorgias will send a verification link to a user any time they sign in from an unknown location, or from an IP address that hasn't been used within the last 30 days. Users will need access to the email inbox associated with the email address they’re signing in with in order to click the verification link and complete the sign in process.

Bypass 2FA when SSO is enabled

If you’d like your SSO provider to handle 2FA, you can choose to bypass 2FA on accounts that sign-in via SSO.

1. From your helpdesk, click the  Settings icon in the bottom-left corner.
2. In the menu, locate Account, then select Access management.
3. Under Skip two-factor authentication after SSO, click the toggle to Skip 2FA for SSO users.
4. Click Enable.
5. Click Save changes.