Security Settings
Last updated
Was this helpful?
Last updated
Was this helpful?
BirdCRM supports multiple security settings to give you control over how your users access your organization and protect your data.
To ensure your organization's security, you can require that all users enable multi-factor authentication (MFA). To activate this feature, toggle the setting in the Access Settings section.
When this setting is enabled, any users who do not have MFA configured will be prompted to set it up before their next login attempt. Users logging in through Single Sign-On (SSO) will not be impacted by this change..
Tip: Users who authenticate via Single Sign-On will not be affected by this requirement.
To further secure your BirdCRM environment, you can restrict access to specific IP addresses. This can be configured through the Access Settings section.
You can enter individual IPv4 or IPv6 addresses or CIDRs (e.g. 123.14.12.1/24). You can also set users who are exempt from the IP restrictions and will continue to be able to access your BirdCRM organization from any IP address.
Tip: IP Restrictions only impact users accessing your BirdCRM organization. Access keys will continue to be able to make API calls from any IP address.
Go to the Access Settings page of your organization settings.
Under the IP Restrictions section, you can click the + icon next to Restricted IP Addresses to add new IP addresses to restrict access to. IP address can be added one per line and can either be a single IP address or a CIDR. Both IPv4 and IPv6 are supported and can be used concurrently.
Be careful when adding IP restrictions! If you enter the wrong IP address, you may be locked out of your organization.
To exclude specific users from IP restrictions, click the + icon next to Users excluded from IP restrictions and add the appropriate individuals.
After completing the setup, click Save to apply your changes.
Your users can now only access your organization from your set of allowed IP address(es).
Tip: We recommend keeping at least one user in the exclusion list who has permissions to configure your IP restrictions to ensure you do not get locked out of your organization.
