These docs are for v4.3. Click to read the latest docs for v4.5.

Authentication

Overview

In addition to accounts created in CoreStack, an admin with Azure AD access or an LDAP on-premises account can be used to login into CoreStack. Once the admin is logged in, any user available under the corresponding admin account can login into CoreStack and the user will be assigned under the same admin account.

Azure Account SSO Login

The following steps need to be performed to login using a Microsoft Azure account.

  1. Click on 'Microsoft Azure Account' option in the 'Or Login with' section of CoreStack login page.
  2. Provide the email address associated with your Microsoft Azure account in the Business Email field.
  3. Click on Proceed to Azure Login button. You will be redirected to Azure Portal.
  4. Provide your Azure Portal Password when prompted.
  5. Click on 'Sign in' button.
  6. Upon successful authentication of the password, it displays the permissions requested by CoreStack from Azure AD (It will be available only for admin account). Click on Accept button.
  7. Once logged into CoreStack, a new Project / Account will be created in CoreStack with your Microsoft Azure account's email address as username.

After the Azure AD is successfully set up, all the users available under this Azure AD admin account can login into CoreStack. The user will be assigned under the same project / account that is created earlier for the Azure AD admin account in CoreStack. These users will have restricted access to CoreStack and will be created with Ops Team member role.

LDAP On-Premises SSO Login

The following steps need to be performed to login using the LDAP on-premises credentials.

  1. Click on 'LDAP On-Premise' option in the 'Or Login with' section of CoreStack login page.
  2. Provide the email address associated with your LDAP admin account in the Business Email field.
  3. Click on Proceed to LDAP Login button. You will be redirected to LDAP authentication.
  4. Provide your LDAP Password when prompted.
  5. Click on 'Sign in' button.
  6. Upon successful authentication of the password, it displays the permissions requested by CoreStack from LDAP admin account (It will be available only for admin account). Click on Accept button.
  7. Once logged into CoreStack, a new Project / Account will be created in CoreStack with your LDAP admin account's email address as username.

The LDAP SSO login mechanism works similar to the Azure AD. After the LDAP admin account AD is successfully set up, all the users available under this LDAP admin account can login into CoreStack. The user will be assigned under the same project / account that is created earlier for the LDAP admin account in CoreStack. These users will have restricted access to CoreStack and will be created with Ops Team member role.

Multi Factor Authentication

You can login using multi factor authentication (MFA) and authorization into CoreStack portal.

  • Account administrator can enable/disable MFA at account level (tenants and users are part of the account).
  • You cannot enable/disable MFA at tenant or user level.

We support multiple factors:

  • Email.
  • One time password with Google Auth.

Enable/Disable MFA

To enable/disable MFA for a tenant or specific user, follow the steps.

  1. Login using administrator credentials.
983
  1. Click Settings > Account.
1218
  1. Click Advance Settings.
1218
  1. Enable MFA for the respective account.
1215
  1. Click Save Configuration.
  2. Login again. The MFA window appears.
  3. Scan the QR code using preferred authenticator app.
  4. Enter the one-time code.
966
  1. Click Continue. The dashboard appears.