gridscale explained: Security and Accounts

Date: 13.11.2020

Welcome to the second post of the gridscale explained series. In this guide, we’d like to walk you through all the possible ways that you can secure your account and how you can stay up to date with everything we release.

SAML – One Login to Rule Them All

SAML (Security Assertion Markup Language) is an open XML-based standard that lets users log in with their existing credentials, enabling single sign-on (SSO). This way users don’t need to create multiple logins.

As a Partner, you can set up a SAML Provider by navigating to »Settings« under »Tenants«.

Click »Configure New SAML Provider« on the top right and provide a name for your Identity Provider.

Fill out the details for »Entity ID«, »SSO URL« and the latest »X509 Certificate«. You also have the option to directly upload the certificate.

Select any additional options that you want, click the toggle button under General Settings to activate your specified SAML Provider, and save.

Congratulations, you have successfully set up your SAML Provider for your tenants!

Magic Link – Passwordless Account Access

Even though we use the secure HTTPS protocol, logging in from an exposed or public network can pose potential security risks, so we also offer an alternative passwordless way to easily access your account, called the »Magic Link«.

When logging in, click the »Send Magic Link« option and you’ll be prompted for your email address. Enter the email address of the account you would like to log in to, and we will email you a link.

Follow the link inside the email, and voila, you are logged in.

Two Factor Authentication (2FA)

Two-factor Authentication is especially important for admins or any other accounts with write access. By supplying a one-time password (OTP) that is refreshed every thirty seconds along with your login credentials, you can add an additional layer of security to your logins.

This code is generated using an authenticator app on your smartphone, tablet or computer. This way a potential attacker cannot access your account even if your password is compromised.

As a public user, you can follow the below steps to enable 2FA:

  • Download an authentication app such as Aegis or Google Authenticator.
  • Log in to your account, navigate to settings, then click »Activate 2-Factor authentication«.
  • Scan the barcode with your authentication app of choice and enter the 6 digits that are generated within the app.
  • You’ll then be prompted at each login to input the code generated by the authentication app.

Removing 2FA

  • Click the delete button next to the device name.
  • Remove the code generator from the authentication app.

As a partner, you can set a custom OTP Name to be displayed on your tenant’s authenticator app by navigating to »Settings« under »Tenants« and opening the »General« tab. Specify your custom OTP Name and save your changes.

You’ve successfully set up Two Factor Authentication for your account!

Resource Limits

As a public user, our smart auto scaling feature automatically upgrades your resource limits once you’ve reached 80% of the default resource limits. You’ll never have to worry about running out of resources, ever!

As a partner, you can set resource limits for your Tenants by navigating to »Settings« under »Tenants« and opening the »Limits« tab. These settings are reflected across all tenants, but you can also adjust them individually for each tenant.

API Security

API Tokens can have read-only (RO), read and write (RW) or unrestricted access levels, which are explained in detail as follows:

  • RO – Can view resources but cannot make changes (POST, PUT, DELETE).
  • RW – Can do any action via the API, except for admin actions, e.g. billing.
  • Unrestricted – No limitations.

You can create »API Tokens« under the »API Keys« menu.

  • Select »Create API-Token« and specify a token name.
  • You can then set whether you want the token to expire by selecting a date under the »Valid Until« column.
  • Specify the access level under the »Permissions« column.

You can read more about how you can use our API within the documentation here.

Stay Updated

If you wish to stay up to date with recent news and updates, you can visit our Release Notes page where we post new releases, improvements as well as fixes.

For infrastructure and service updates detailing downtimes and scheduled maintenance, you can visit our Status page.

To stay up to date with recent news, you can subscribe to our RSS feeds:
Blog, Tutorials, Release Notes

We hope that this guide has helped you understand all the different ways to secure your account as well as how to stay abreast of everything happening at gridscale.

If you’d like to read the first post in our Explained series covering our Easy and Expert Panels, click here.


Alan James | Team Product
Alan draws from a strong background in Product Management, Strategy, Operations and techno-functional FinTech consulting. While pursuing his Bachelor's in Computer Engineering from one of India’s leading technical universities, Alan was the lead for Google Developers Group. He is passionate about promoting technological education, and helped found one of India's largest community hackathons. When he's not dabbling in experimenting with cutting edge tech, Alan spends his time ambling around museums, playing basketball, reading or trekking through the wilderness.
