Skip to main content
Contact Support

Account Security Settings

Ryan J.
Updated

Admins can configure account-wide security settings that apply to all users in your organization. This article outlines the different sections available under Security and what each one controls.

 

Accessing Security Settings

To open the Security settings:

  1. Click the Account gear icon in the bottom left corner of your Streamline dashboard.
  2. Hover over the Account menu option.
  3. Select Security.

 

The Security section includes these main areas:

  • Signup and Authentication
  • Multi-Factor Authentication (MFA)
  • Access Keys
  • Data retention

 

Each area is described in more detail below.

 

Signup and Authentication

The Signup and Authentication section is where you can configure and update your organization’s Single Sign-On (SSO) integration, manage email domains, and enforce authentication policies.

From here, admins can:

  • Add or modify your SSO provider configuration.
  • Approve or restrict allowed email domains for your account.
  • Enable the Enforce SSO option to require all users to log in using your SSO provider.

For step-by-step guidance on configuring SSO, see Setting up Single Sign-On (SSO) in Streamline.

 

Password Policy

The Password Policy settings allow admins to set organization-wide password requirements. These settings apply to all users who authenticate with a username and password.

All passwords in Streamline must contain at least one lowercase letter, one uppercase letter, one number, and one non-alphanumeric character. These requirements are fixed and cannot be changed.

Admins can configure the following additional restrictions:

  • Set a minimum password length. The minimum allowed value is 12 characters.
  • Enable password expiration by specifying the number of weeks before passwords must be reset.
  • Prevent password reuse by specifying how many previous passwords the system should remember.

To configure the Password Policy:

  1. Open Security settings and expand Signup and Authentication.
  2. Click Manage next to Password Policy.
  3. Set the Minimum password length. The value must be 12 or greater.
  4. Enable or configure any additional character requirements using the checkboxes.
  5. To enforce expiration, check Enable password expiration for and enter the number of weeks.
  6. To prevent reuse, check Prevent password reuse and enter the number of previous passwords to remember.
  7. Click Save.

To return all fields to their original values, click Reset to default settings.

Note: Only changes that increase restrictions are allowed. You cannot reduce a requirement that is already enforced.

 

 

Session Settings

The Session Settings allow admins to automatically close idle sessions to protect sensitive information.

When session inactivity detection is enabled, Streamline monitors user sessions for inactivity. If a session remains idle beyond the configured timeout, it is closed automatically on behalf of the user.

To configure session inactivity:

  1. Open Security settings and expand Signup and Authentication.
  2. Click Manage next to Session Settings.
  3. Check Enable session inactivity detection.
  4. Set the Inactivity timeout value and select a Time Unit (Minutes or Hours).
  5. Click Save.

The timeout can be set to any value between 15 minutes and 24 hours.

To return to the default settings, click Reset to default settings.

 

 

Multi-Factor Authentication (MFA)

The Multi-Factor Authentication section allows you to control how users verify their identity during login.

By default, Streamline enforces MFA via email, but admins can strengthen this by requiring an authentication app for all users.

For setup instructions and best practices, see Setting up Multi-Factor Authentication (MFA) in Streamline.

 

Access Keys

The Access Keys section allows you to enable and manage programmatic access for users.

When this option is turned on:

  • Users can generate their own access keys for API integrations or automated workflows.
  • Admins can view, manage, and revoke access keys at any time.

This feature is helpful for scenarios where users or developers need secure, programmatic access to Streamline data.

For details on how to create and manage keys, see Using Access Keys in Streamline.

 

Data retention

The Data retention section is for configuring if assets created during a workflow can be deleted after completion or saved for future use. When this feature is enabled, all files and outputs are stored in the repository for easy access. This feature is specific to the document repository feature that is a part of the CLM add-on.

 

Summary

The Security Settings page provides centralized control over key authentication and access options across your organization. Admins can configure SSO, enforce MFA, set password requirements, manage session timeouts, and control API access from one location to maintain a consistent and secure experience for all users.

Admins can configure SSO, enforce MFA, and manage API access from one location to maintain a consistent and secure login experience for all users.

Related articles

Comments

0 comments

Article is closed for comments.