Authentication Settings

Manage authentication options including session timeout, Single Sign-On (SSO), Multi-Factor Authentication (MFA), and password policies for your account.

Authentication is a critical part of securing your Monetization environment.
The platform allows administrators to define how users log in, how long sessions remain active, and what security measures (such as Multi-Factor Authentication) are required to protect accounts.

To configure authentication settings:

  1. Open the Menu by clicking your username in the bottom left.
  2. Select Business Portal.
  3. Click Security.

The Authentication Settings page is displayed.

Authentication Settings Page


Available Settings

Session Timeout

The session timeout determines how long a user can remain inactive before being automatically signed out.
This helps protect against unauthorized access if a user forgets to log out.
Enter the duration in seconds (e.g., 300 for 5 minutes).

Tip: For production environments, we recommend setting a shorter session timeout (e.g., 10–15 minutes, entered as 600–900 seconds) to minimize security risks.


Single Sign-On (SSO) Providers

Single Sign-On (SSO) enables users to log in with their existing accounts from trusted providers, reducing the need for separate credentials.
Monetization supports several SSO integrations out of the box:

  • Google – Allow users to authenticate using their Google Workspace or Gmail account.
  • Twitter – Enable login with Twitter credentials.
  • Facebook – Allow authentication via Facebook accounts.
  • Microsoft Entra ID – Integrate with Microsoft’s enterprise identity service (formerly Azure AD).
  • Custom OIDC Provider – Configure any identity provider that supports the OpenID Connect (OIDC) standard.

You can enable one or more providers depending on your organization’s needs.
For example, enterprises typically use Microsoft Entra ID or Google Workspace, while customer-facing applications may offer social logins like Facebook or Twitter.

👉 See our step-by-step guide: How to Set Up Keycloak as an Identity Provider for Entra ID SSO

Create Identity Provider


Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) requires users to provide an additional verification method (such as an authenticator app or SMS code) during login.
Enabling MFA significantly improves account security by ensuring that a stolen password alone cannot be used to access the system.

To enable MFA, toggle the Multi-Factor Authentication switch. Once enabled, all users will be required to complete MFA when signing in.


Password Policy

A strong password policy is essential to prevent brute-force attacks and ensure account safety.
Administrators can configure the following rules:

  • Minimum password length (recommended: 12 or more characters).
  • Maximum password length.
  • Password expiration (maximum password age in days).
  • Complexity requirements:
    • At least one uppercase letter.
    • At least one lowercase letter.
    • At least one digit.
    • At least one special character.
    • Restrict use of email or username in the password.

These policies ensure that users create secure and unique passwords that are harder to guess or reuse.
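
The length, complexity and identity rules above, written as a checker you can use to test candidate passwords against a planned policy before saving it. This is an added example, not the platform's own code: the field names, the 128-character maximum, the definition of "special character" and the 3-character minimum for username/email matching are assumptions, and password expiration is not covered.

```python
from dataclasses import dataclass

@dataclass
class PasswordPolicy:
    # Hypothetical field names mirroring the rules listed above;
    # they are not the platform's configuration keys.
    min_length: int = 12
    max_length: int = 128          # assumed value for illustration
    require_upper: bool = True
    require_lower: bool = True
    require_digit: bool = True
    require_special: bool = True
    forbid_identity: bool = True   # no email or username in the password

def is_special(ch):
    # Assumption: "special" means anything that is not a letter, digit or whitespace.
    return not ch.isalnum() and not ch.isspace()

def violations(password, policy, username="", email=""):
    """Return the list of violated rules; an empty list means the password passes."""
    problems = []
    if len(password) < policy.min_length:
        problems.append("too short")
    if len(password) > policy.max_length:
        problems.append("too long")
    if policy.require_upper and not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if policy.require_lower and not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    if policy.require_digit and not any(c.isdigit() for c in password):
        problems.append("no digit")
    if policy.require_special and not any(is_special(c) for c in password):
        problems.append("no special character")
    if policy.forbid_identity:
        # Match case-insensitively and include the email local part, since
        # "alice" from alice@example.com is the guessable piece. Tokens under
        # 3 characters are skipped so a very short username cannot block everything.
        lowered = password.casefold()
        tokens = {username, email, email.split("@")[0]}
        if any(len(t) >= 3 and t.casefold() in lowered for t in tokens):
            problems.append("contains username or email")
    return problems
```

A password such as `Alice-2024-Summer!` satisfies every length and complexity rule yet is still rejected for the user `alice`, which is why the identity restriction is worth enabling alongside the character-class rules.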


Saving Changes

Once you have updated the settings, click Submit to apply and save the configuration.
Changes take effect immediately for all new logins and sessions.


Best Practices

  • Always enable MFA for production environments.
  • Use SSO whenever possible to centralize identity management and reduce password fatigue.
  • Set strong password policies (minimum length of 12–16 characters with complexity rules).
  • Adjust session timeout based on compliance or security needs (shorter timeouts for high-security accounts).