Marfeel allows users to authenticate through a securely stored user and password or via Single Sign-On (SSO), which enables users to securely authenticate with multiple applications and websites using just one set of credentials.
Marfeel supports both Google and Microsoft OAuth services out of the box, meaning any existing user can authenticate with Google or Microsoft accounts.
Users will remain authenticated during 14 days on the same browser by default, regardless of the login method used. When logging in from a non trusted device, users can choose to authenticate only during current browser session by unselecting the checkbox below inputs “Remember me for 2 weeks”.
On the Enterprise plan, Marfeel offers advanced SSO settings that allow admins to force users to log in exclusively using their corporate accounts.
To activate SSO restrictions:
- Click on SSO Integration under Organization settings
- Define the user email domains that will be forced to login via Google or Microsoft corporate credentials. For example, in the screenshot below, any user with an email like
email@example.com the domain
aa.comwill be forced to use SSO authentication.
- Decide whether to
Automatically create user accounts:
- In order to force SSO authentication for all users under the specified domains, tick the option
Disallow non SSO authentications. This will prevent external users like correspondents or agencies to access to the platform unless they have a valid corporate account.
When SSO restrictions are active, if a user tries to log in via user & password, they’ll receive the following error: Your organization forbids your access with username and password
Depending on the Microsoft organization settings, the first time a user tries to login using SSO, the IT department that oversees Microsoft OAuth service might have to approve Marfeel: