Authentication - Dual Authorization

Enable Dual Authorization

In Settings >> Authentication >> Dual Authorization

Enable the Dual Authorization option and click Save.

Enable Dual Authorization Role

The dual authorization user must also be a site admin or team manager.

Starting at the side menu: Users >> Selected admin >> Roles tab

Enable Site admin or Team Manager and set the team

or:

Enable Dual Authorization

Click Save.

Pending user status

When a new user is created with Dual Authorization enabled, the user is set to a pending status.

The user can be approved or denied by the Dual Authorization user assigned by the User Role.

The Dual Authorization process mandates that the user who creates a new user account must not be the same individual who approves it.

While the feature is on, and the option enabled:

• A review link is displayed in Settings >> Authentication >> Dual Authorization above the Enable section while there are new users pending approval by Dual Authorization.
  
  

• Emails are sent to site admins when a site admin changes the enable settings or the users Role for Dual Authorization enable.

Settings:

User Roles:

Emails are sent to site admins when a new user is created.



Emails are sent when a new user is approved or removed by the Dual Authorization enabled user.

The review link or the email link sent when the new user is created takes the currently logged in user to the Pending Authorizations tab.

If the current (logged in) user is assigned Dual Authorizations, check boxes appear and when checked, an Authorize New User button appears.

The new user's username for the Pending Authorizations tab can be clicked:

 and displays the User Edit tab and button along with the fields disabled for editing.