Security Settings allows admins to setup security configuration details to control login and access restrictions for users. This article covers the permission required to edit the security configurations and how to set up the login and access restrictions for users in Sprinklr.

To Manage Permissions for Sprinklr Secure Settings

1. Open a new tab and navigate to All Settings > Manage Customer > Global Roles.

2. In the top right corner of the Roles (Settings) window, click Create Role. To learn more about creating a role, see Manage Roles.

3. In the Add Role window, under Select Permissions, search 'Security Settings'.

4. Click Manage under Security Settings.

   ​

   ​

   ​

5. Click Save in the bottom right corner to save the permission.

To Configure Security Settings

1. Open a new tab and navigate to All Settings > Manage Customer > Security Settings. This will lead you to the Security Settings page where you can view the current security configuration details.

2. Click Edit in the bottom right corner to start configuring the following login and access restrictions for users -

   • Forgot Password Workflow: Setup the workflow for when user forgets the password using the following options -

     • Email redirect link: Check this option to allow users to receive a reset password link through registered email ID.

     • Add second level verification: Checking this option will send an OTP through SMS to the user's registered mobile number. Click on the dropdown to send the OTP through mobile or email. You can also select security question for second level verification.

     • Add third level verification: User will be redirected to go for 3rd level verification on entering the answer for the security question.

       ​

       

       ​

   • Account Unlocking Workflow: Setup the workflow for when an account is locked. You can use the same workflow as the Forgot Password workflow and specify the number of password entry attempts along with mobile and secret question configuration reminder frequency in this section.

     ​

     

     ​

   • Restrict Users by IP address: Check this option to define IP ranges that the user should lie in to login to Sprinklr.

   • Session Timeout - Control the inactivity time post which the user is logged out

   • TFA Method for all users -

     • Decide which TFA methods can be shown to which users

     • For example, we can limit the authenticator app TFA method only to certain user groups, the rest will not see this option

   • Password Expiry Time – Time in Days 

   • Password Creation Rules - Define the allowed password length, number of special characters, number of numerical characters and so on.

   • User Deactivation Time - Number of days after which user is marked as inactive – Time in days 

​

​