Security Settings
Authentication, access control, and incident response
All Clear
Single Sign-On (SSO)
ProviderDistrict IdP (SAML 2.0)
Entity IDurn:basinrec:eam:saml
ACS URLhttps://eam.basinrec.demo/auth/saml/acs
CertificateValid (expires Dec 2026)
Status Connected
Multi-Factor Authentication
Enforce MFA for all users
Methods AllowedTOTP App, SMS, Security Key
Enrolled Users0 / 0
Grace Period7 days for new accounts
Session Policy
Idle Timeout
Max Concurrent Sessions3 per user
Failed Login Lockout5 attempts / 15 min lock
Force Re-auth for Sensitive Ops Enabled
Network Access Control
IP Whitelist
Allowed CIDRs
10.0.0.0/8 (District LAN)
172.16.0.0/12 (VPN)
198.51.100.0/24 (Field WiFi)
TLS Requirement TLS 1.3
Password Policy
Security Incidents
0 Open0 Closed