Manage Gorgias account accessUpdated an hour ago
You can manage how users can access Gorgias by enabling SSO, allowing domain signup, and requiring two-factor authentication (2FA) for all accounts.
Requirements
- Google and Microsoft SSO is available on all Helpdesk plans
- To set up SSO, you need to be an Admin in Gorgias
Enable or disable Single Sign-On (SSO)
You can set up Single Sign-on (SSO) with Google or Microsoft to allow your users to sign into Gorgias with their Google or Microsoft accounts instead of creating a unique password. If you use another IdP, learn more about setting up custom SSO.
- From your helpdesk, click the Settings icon in the bottom-left corner.
- In the menu, locate Account, then select Access Management.
- Under Single Sign-On (SSO), click the toggles to turn Google or Microsoft SSO ON or OFF.
- Click Save Changes.
Allow auto-join
Instead of manually inviting users to Gorgias, you can share an invite link with your team to allow them to create their own accounts. Users will need to sign-up with an email address that matches the domains you specify.
- From your helpdesk, click the Settings icon in the bottom-left corner.
- In the menu, locate Account, then select Access management.
- Under Auto-join helpdesk, click the toggle next to Auto-join for approved email domains to ON.
- Enter the domains that are approved to create accounts in Gorgias.
- Click Save changes.
Require mandatory 2FA
Two-factor authentication adds an extra layer of security to your user accounts by requiring them to use an authenticator app when signing in. Users in Gorgias can set up 2FA for their individual accounts, or Admins can make it mandatory for all users. Once mandatory 2FA is enabled, any user who hasn’t set up 2FA will see a warning notifying them to enable it within 14 days. Once 14 days have passed, a non-dismissible setup modal will be shown to them instead of the banner.
- From your helpdesk, click the Settings icon in the bottom-left corner.
- In the menu, locate Account, then select Access management.
- Under Two-Factor Authentication (2FA), click the toggle next to Require 2FA for all users to ON.
- Follow the on-screen prompts to set up your authenticator app. Be sure to save your recovery codes!
- Set an Enforcement time.
- Click Save changes.
To keep your data secure when 2FA isn’t enabled, Gorgias will send a verification link to a user any time they sign in from an unknown location, or from an IP address that hasn't been used within the last 30 days. Users will need access to the email inbox associated with the email address they’re signing in with in order to click the verification link and complete the sign in process.