Difference between revisions of "Admin Settings"

From Cetbix Documentation
 
Line 31: Line 31:
 
# Configure enforcement scope (mandatory / optional)
 
# Configure enforcement scope (mandatory / optional)
  
''Best Practice:'' Require MFA for all admin accounts to reduce risk of credential compromise. :contentReference[oaicite:0]{index=0}
+
''Best Practice:'' Require MFA for all accounts to reduce risk of credential compromise. :contentReference
  
 
=== 1.2 Single Sign-On (SSO) ===
 
=== 1.2 Single Sign-On (SSO) ===
  
SSO allows users to authenticate using an external identity provider (IdP) such as Azure AD, Okta, or Google Workspace. :contentReference[oaicite:1]{index=1}
+
SSO allows users to authenticate using an external identity provider (IdP) such as Azure AD, Okta, or Google Workspace.
  
 
# Go to '''Authentication → SSO Settings'''
 
# Go to '''Authentication → SSO Settings'''
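Review bot: The added Best Practice line under the MFA steps still ends with a stray ":contentReference" token. The bracketed part of the citation marker was removed but the prefix was left behind, and it now renders in the published text. Drop the token so the line ends at "credential compromise." The SSO sentence in the same hunk was cleaned correctly and can serve as the model.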
Line 41: Line 41:
 
# Enable SSO and test with a non-admin user first
 
# Enable SSO and test with a non-admin user first
  
''Note:'' Some services require SSO configuration before enabling MFA changes. :contentReference[oaicite:2]{index=2}
+
''Note:'' Some services require SSO configuration before enabling MFA changes.
  
 
=== 1.3 Multi-Layer Defense ===
 
=== 1.3 Multi-Layer Defense ===
Line 48: Line 48:
  
 
* Enable MFA before enforcing SSO
 
* Enable MFA before enforcing SSO
* Test all authentication paths
 
* Monitor login logs for unusual access patterns
 
  
 
---
 
---
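Review bot: In section 1.3 the bullets "Test all authentication paths" and "Monitor login logs for unusual access patterns" are removed with nothing replacing them. This leaves "Administrators should:" introducing a single item and takes the verification and monitoring steps out of the layered-defense guidance. If the removal is unintended, restore both bullets. If it is intended, fold the remaining bullet into the sentence. The surviving bullet "Enable MFA before enforcing SSO" also sits next to the 1.2 note that some services require SSO configuration before MFA changes, so a sentence saying which order applies would help.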
Line 62: Line 60:
  
 
* '''Super Admin''' – Full system-wide access and security settings
 
* '''Super Admin''' – Full system-wide access and security settings
* '''Company Admin''' – Manage company users and licenses
+
    – Manage company users and licenses
* '''User Admin''' – Manage user profiles and assignments
+
– Manage user profiles and assignments
  
''Best Practice:'' Limit the number of Super Admins to reduce exposure risk. :contentReference[oaicite:3]{index=3}
+
''Best Practice:'' Limit the number of Super Admins to reduce exposure risk.  
  
 
=== 2.2 User Provisioning ===
 
=== 2.2 User Provisioning ===
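Review bot: The two role bullets in 2.1 lose both their list marker and their bolded role name, so "Company Admin" and "User Admin" no longer appear and the descriptions "– Manage company users and licenses" and "– Manage user profiles and assignments" are left orphaned under Super Admin. A reader of a least-privilege section cannot tell which role carries which permission. Restore the original form, e.g. "* '''Company Admin''' – Manage company users and licenses", for both lines. The citation-marker cleanup on the Super Admin best-practice line is fine, apart from the trailing whitespace it leaves.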
Line 115: Line 113:
 
Admin Settings include global defaults such as:
 
Admin Settings include global defaults such as:
  
* Date & time format
 
* Default language
 
 
* Branding options (logo, theme)
 
* Branding options (logo, theme)
  
 
Ensure defaults meet your organization’s policies before deployment.
 
Ensure defaults meet your organization’s policies before deployment.
  
=== 4.2 Security Defaults ===
 
  
Admins can configure:
 
 
* Password complexity requirements
 
* Session timeout values
 
* Failed login lockout thresholds
 
 
Regularly review and harden these settings based on compliance requirements.
 
 
---
 
  
 
== 5. Audit & Monitoring ==
 
== 5. Audit & Monitoring ==
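Review bot: This hunk deletes all of section 4.2 Security Defaults (password complexity, session timeout, failed login lockout thresholds), along with the "Date & time format" and "Default language" bullets in 4.1. None of the other changes suggest this was deliberate. The 4.2 text is the only place these authentication hardening settings are documented on the page, so confirm whether the feature was removed from the product. If it was not, restore the section. The "---" separator before section 5 is also dropped here, while earlier sections keep theirs.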
Line 137: Line 123:
 
=== 5.1 Activity Logs ===
 
=== 5.1 Activity Logs ===
  
Admins should enable and review logs for:
+
* Login attempts
  
* Login attempts (successful and failed)
 
* SSO events
 
* MFA enrolment and failures
 
* Role/permission changes
 
  
Logging helps with compliance and incident response.
 
  
=== 5.2 Notification Settings ===
 
 
Configure email alerts for:
 
 
* New user creation
 
* License changes
 
* Privilege escalations
 
 
---
 
  
 
== 6. Best Practices ==
 
== 6. Best Practices ==
  
* Enforce MFA for all admin accounts. :contentReference[oaicite:4]{index=4}
+
* Enforce MFA for all accounts.  
* Use SSO with verified identity providers. :contentReference[oaicite:5]{index=5}
+
* Use SSO with verified identity providers.
* Limit number of high-privilege accounts. :contentReference[oaicite:6]{index=6}
+
* Limit number of high-privilege accounts.  
* Enable audit logging and alerting
 
 
* Perform regular reviews of users, roles, and license utilization
 
* Perform regular reviews of users, roles, and license utilization
  
---
 
  
 
== Related Pages ==
 
== Related Pages ==
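Review bot: Section 5.1 is cut down to a bare "* Login attempts" bullet. The lead-in "Admins should enable and review logs for:" is gone, as are the "(successful and failed)" qualifier, the SSO, MFA and role/permission change items, and the closing sentence. Section 5.2 Notification Settings is removed entirely, and "Enable audit logging and alerting" is dropped from the Best Practices list. Taken together this removes nearly all audit and alerting guidance from the page, leaving a heading with one item and no context. Restore the 5.1 list and 5.2 unless the features no longer exist. Separately, the wording change from "all admin accounts" to "all accounts" in section 6 matches the earlier MFA hunk and reads fine, but the three edited bullets there carry trailing whitespace.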

Latest revision as of 09:10, 17 January 2026

Admin Settings

This page details the configuration options available to administrators for managing authentication, security, licenses, user permissions, and company settings within Cetbix.

---

Overview

Admin Settings centralize critical configuration for:

  • User access and identity management
  • Security controls (SSO, MFA)
  • Company & license provisioning
  • Role and permission administration
  • System defaults and feature toggles

Well-configured Admin Settings help protect your organization, streamline onboarding, and support compliance with security best practices.

---

1. Security Settings

1.1 Multi-Factor Authentication (MFA)

MFA adds a second layer of protection for user accounts.

Administrators can enable MFA for all users or specific roles:

  1. Navigate to Authentication → Settings
  2. Select the desired MFA method (TOTP, push, etc.)
  3. Configure enforcement scope (mandatory / optional)

Best Practice: Require MFA for all accounts to reduce risk of credential compromise.

1.2 Single Sign-On (SSO)

SSO allows users to authenticate using an external identity provider (IdP) such as Azure AD, Okta, or Google Workspace.

  1. Go to Authentication → SSO Settings
  2. Enter your SAML/OIDC configuration from your IdP
  3. Enable SSO and test with a non-admin user first

Note: Some services require SSO configuration before enabling MFA changes.

1.3 Multi-Layer Defense

Combining SSO with MFA supports layered defense — giving both identity federation and strong authentication. Administrators should:

  • Enable MFA before enforcing SSO

---

2. Identity & Access Management

2.1 Roles and Permissions

Define clear roles with the minimum required privileges (principle of least privilege).

Recommended roles include:

  • Super Admin – Full system-wide access and security settings
   – Manage company users and licenses

– Manage user profiles and assignments

Best Practice: Limit the number of Super Admins to reduce exposure risk.

2.2 User Provisioning

Admins can add or import users and assign them to companies.

  1. Go to Employees → Add Paid User
  2. Enter user details
  3. Assign company and permission
  4. Save

Administrators should periodically review active accounts and remove unused or inactive ones.

2.3 User Deprovisioning

To remove a user:

  1. Employees → All Employees
  2. Locate user
  3. Select Delete

Ensure deprovisioning is tracked for audit purposes.

---

3. Company & License Management

3.1 Company Registration

To register a new company:

  1. Navigate to Enterprise Management → Register a Company
  2. Provide company details and select license
  3. Mark Active
  4. Save

Administrators can view and manage registered companies from the main company list.

3.2 License Assignment

Licenses can be obtained via the platform or through direct sales channels. It’s recommended to coordinate with sales before purchasing. Administrators should monitor license usage regularly.

---

4. System Defaults & Configuration

4.1 Company Defaults

Admin Settings include global defaults such as:

  • Branding options (logo, theme)

Ensure defaults meet your organization’s policies before deployment.


5. Audit & Monitoring

5.1 Activity Logs

  • Login attempts



6. Best Practices

  • Enforce MFA for all accounts.
  • Use SSO with verified identity providers.
  • Limit number of high-privilege accounts.
  • Perform regular reviews of users, roles, and license utilization


Related Pages