Authentication
Authentication settings control how users sign in to your portal. You can also restrict access to specific email addresses or domains.
Authentication Types
Select the authentication method that matches your audience's needs:
Anyone with the portal URL can access it - no login required.
Best for: Open demos, public-facing portals, internal teams where friction is not desired.
All users share a single access password. Simply enter a password and click save.
Best for: Small teams, controlled internal rollouts.
Simply enter a password and click save.
For changing the password, edit the Access Password field.
Users will see a password prompt when they visit the portal URL. They enter the shared password once per session.
Users enter their email address and receive a one-time sign-in link. No password is needed.
Best for: Teams where individual identity matters, or when you want to track usage per user.
Select the magic link & click on save.
Optional - Approved Users:
Enter individual email addresses or entire domains (e.g.
@yourcompany.com) in the allowlist.Click Add after each entry.
Enterprise SSO via SAML. Users sign in through your identity provider (e.g. Okta, Azure AD, Google Workspace).
Best for: Enterprise deployments with existing identity infrastructure.
Requirements: SSO must be enabled on your plan. Configure SSO:
Select SSO.
The SSO Configuration panel appears.
Enter the required SAML parameters provided by your identity provider:
Entity ID
SSO URL
Certificate
Click Save.
Contact your identity provider's admin to obtain SAML metadata. The TCG platform acts as the Service Provider (SP) in the SAML exchange.
Last updated