ReqVise

Tenant Authentication Configuration
AD
User AD
Home Administration Tenants VCNR Technologies Authentication
General Authentication Feature Flags Integrations Audit Log

Authentication Configuration

VCNR Technologies

Login Methods

Email + Password
Standard email and password authentication
Phone + OTP
SMS-based one-time password
Username + Password
Traditional username-based login
At least one login method must be enabled

Password Policy

Minimum Length
Require Uppercase
Require Lowercase
Require Number
Require Special Character
Password Expiry (days)
Days until password must be changed
Password History
Prevent reusing last N passwords

Multi-Factor Authentication

MFA Status
Enable multi-factor authentication for this tenant
MFA Method
Enforce for all users
Require MFA for every user in this tenant
Grace period for new users
Time allowed before MFA is required

Session Management

Session Timeout (minutes)
Idle timeout before automatic logout
Max Concurrent Sessions
Maximum active sessions per user
Remember Me Duration (days)
How long to keep user logged in
Force re-authentication for sensitive actions
Require password confirmation for critical operations

Single Sign-On (SSO)

SSO Status
Enable Single Sign-On for this tenant
SSO Provider
SSO Entity ID
SSO Metadata URL

Enable SSO to configure provider details

Security Policies

IP Whitelisting
Restrict login to approved IP addresses only. Configure allowed CIDRs below.
Allowed IP Ranges
CIDR notation, comma-separated
Device Binding
Users can only log in from registered devices. First login from new device triggers OTP.
Max Registered Devices
Per user account
Geo-Restriction
Block login attempts from outside specified countries.
Allowed Countries
ISO 3166 country codes

Configuration Lock

When locked, authentication configuration cannot be changed without explicit unlock. This prevents unauthorized changes to security settings in production.
Lock Status
Unlocked
Last Configuration Change
By whom and when
Sunil Kapoor (CFO) · 14 Jan 2025, 11:32 AM
Lock Configuration
Immutability confirmation: Checking this will prevent all changes to authentication settings until explicitly unlocked by a Super Admin.
Simulates login with current settings to verify before locking.

Procurement Rules

Amendment Lock Period
Duration a PO amendment is locked after approval
Auto-Escalation Threshold
Lock age before escalating to CFO
hours
Maximum Lock Duration
Hard cap — no override beyond this
Notify CFO on Lock Escalation
Send email + in-app notification when a PO amendment lock exceeds auto-escalation threshold.
Allow Vendor-Triggered Unlock
Vendors can request unlock via vendor portal. Requires CFO approval.