Gorgias logo
Gorgias logo

All articles

Manage Gorgias account accessUpdated an hour ago

You can manage how users can access Gorgias by enabling SSO, allowing domain signup, and requiring two-factor authentication (2FA) for all accounts.


Requirements



Enable or disable Single Sign-On (SSO)

You can set up Single Sign-on (SSO) with Google or Microsoft to allow your users to sign into Gorgias with their Google or Microsoft accounts instead of creating a unique password. If you use another IdP, learn more about setting up custom SSO.

  1. From your helpdesk, click the Settings icon in the bottom-left corner.
  2. In the menu, locate Account, then select Access Management.
  3. Under Single Sign-On (SSO), click the toggles to turn Google or Microsoft SSO ON or OFF.
  4. Click Save Changes.

Allow auto-join

Instead of manually inviting users to Gorgias, you can share an invite link with your team to allow them to create their own accounts. Users will need to sign-up with an email address that matches the domains you specify.

Note: If SSO is enabled in your helpdesk, user accounts will be created when a user signs in with their Google, Microsoft or custom SSO account for the first time. If you don’t have SSO enabled, you can turn on auto-join to allow users to create an account in Gorgias with an email address and password.


  1. From your helpdesk, click the Settings icon in the bottom-left corner.
  2. In the menu, locate Account, then select Access management.
  3. Under Auto-join helpdesk, click the toggle next to Auto-join for approved email domains to ON.
  4. Enter the domains that are approved to create accounts in Gorgias.
  5. Click Save changes.

Require mandatory 2FA

Two-factor authentication adds an extra layer of security to your user accounts by requiring them to use an authenticator app when signing in. Users in Gorgias can set up 2FA for their individual accounts, or Admins can make it mandatory for all users. Once mandatory 2FA is enabled, any user who hasn’t set up 2FA will see a warning notifying them to enable it within 14 days. Once 14 days have passed, a non-dismissible setup modal will be shown to them instead of the banner.

  1. From your helpdesk, click the Settings icon in the bottom-left corner.
  2. In the menu, locate Account, then select Access management.
  3. Under Two-Factor Authentication (2FA), click the toggle next to Require 2FA for all users to ON.
  4. Follow the on-screen prompts to set up your authenticator app. Be sure to save your recovery codes!
  5. Set an Enforcement time.
  6. Click Save changes.

To keep your data secure when 2FA isn’t enabled, Gorgias will send a verification link to a user any time they sign in from an unknown location, or from an IP address that hasn't been used within the last 30 days. Users will need access to the email inbox associated with the email address they’re signing in with in order to click the verification link and complete the sign in process.

Was this article helpful?
Yes
No