Breadcrumbs

Two-Factor Authentication (2FA) Configuration

Configuration, enabling, and disabling of 2FA

This guide explains how to configure Two-Factor Authentication (2FA) in GlobalSuite® to enhance platform security. It includes steps to enable it as mandatory or optional, how to activate 2FA via TOTP or Email, recovery code management, and how to disable it based on the state defined by the environment administrator.

2FA Configuration

GlobalSuite® allows adding a Two-Factor Authentication (2FA) to enhance security and privacy. The steps to follow for configuration are as follows:

Step 1. Access the Settings > General > Company Option

2FA can be disabled, optional, or mandatory for all users in the environment.

This is determined solely by the environment administrator(s).

Through the Settings option, you can access all platform and user configuration options.

image-20251014-120208.png

Step 2. Configure Two-Factor Authentication

Proceed to configure the use of Two-Factor Authentication in the environment. Here, you can choose the 2FA State by clicking on the dropdown and the Type:

The possible states that can be indicated are:

  • Disabled: the 2FA option is disabled for all users in the environment.

  • Enabled Optional 2FA: the 2FA option is enabled optionally for all users in the environment. Consequently, each user can choose whether or not to activate 2FA.

  • Enabled Mandatory 2FA: the 2FA option is enabled mandatorily. Consequently, the system forces all users to activate 2FA immediately.

image-20251014-120319.png

The types available are TOTP or Email.

  • TOTP: Each time the user attempts to access the application, they must enter a unique numeric code generated by a mobile authentication app.

  • Email: Each time the user attempts to access the application, they must enter a temporary code received in their associated email.

2FA Enabling - TOTP - Mandatory

When the Administrator activates 2FA, if a user is connected, the message shown below will appear immediately. If not, the instructions will appear when they log in again.

To activate Two-Factor Authentication via TOTP, the following steps must be performed:

  1. Download and install an application that allows managing this two-factor authentication.

  2. Once installed, the QR code displayed on the screen must be scanned, or the Secret Key must be entered manually as shown on the screen.

    image-20251014-135357.png

  3. Once linked, the token or temporary code obtained through the application must be entered in the 2FA Code field and the Activate button must be pressed.

  4. Finally, the recovery codes that appear when pressing “Show Codes” must be securely stored.

    image-20251014-133205.png
    image-20251014-135523.png


    Once activation is completed, each time you log in to GlobalSuite®, the system will request the 2FA code displayed on the configured device.

att_26_for_1362985049.jpeg

2FA Enabling - Email - Mandatory

When the Administrator activates 2FA, if a user is connected, the message shown below will appear immediately. If not, the instructions will appear when they log in again.

To activate Two-Factor Authentication via Email, the following steps must be performed:

  1. A window will open for configuration. In Step 1, the user must press the Send button, which will generate an email with a unique and temporary code sent to the address associated with their account.

    image-20251014-131627.png

    1. If necessary, the code can be resent, although it will be limited to a maximum of 3 resends per user within a 5-minute period.

      image-20251014-131548.png

  2. Copy and paste the 6-digit code received in the email into the 2FA Code field and press Activate. If correct, 2FA will be enabled, and the “View Codes” button will be displayed.

    image-20251014-133403.png


  3. Finally, the recovery codes that appear when clicking on “View Codes” must be securely stored.

    image-20251014-131858.png

Once activation is completed, each time you log in to GlobalSuite®, the system will send an email with the code.

image-20251014-133929.png

2FA Enabling - Optional

2FA Configuration

GlobalSuite® allows each user to optionally activate a Two-Factor Authentication (2FA) to enhance security and privacy, provided the environment administrator decides so. The steps to follow for optional 2FA activation are as follows:

Step 1. Access the Profile Option

Through the Profile option (at the top right of the screen), the user can access their own profile configuration.

att_24_for_1362985049.jpeg

Step 2. Activate Two-Factor

Proceed to activate Two-Factor Authentication by clicking the Activate Two-Factor button.

Next, follow the instructions that will appear on the screen (see the next slide).

att_28_for_1362985049.jpeg
Activate Two-Factor - TOTP

  1. Download and install an application that allows managing this two-factor authentication.

  2. Once installed, the QR code displayed on the screen must be scanned, or the Secret Key must be entered manually as shown on the screen.

    image-20251014-133150.png

  3. Once linked, the token or temporary code obtained through the application must be entered in the 2FA Code field and the Activate button must be pressed.

    image-20251014-133130.png

  4. Finally, the recovery codes that appear when pressing

    image-20251014-133205.png

    Once activation is completed, each time you log in to GlobalSuite®, the system will request the 2FA code displayed on the configured device.

att_26_for_1362985049.jpeg
Activate Two-Factor - Email

To activate Two-Factor Authentication via Email, the following steps must be performed:

  1. A window will open for configuration. In Step 1, the user must press the Send button, which will generate an email with a unique and temporary code sent to the address associated with their account.

    image-20251014-131627.png

    1. If necessary, the code can be resent, although it will be limited to a maximum of 3 resends per user within a 5-minute period.

      image-20251014-131548.png

  2. Copy and paste the 6-digit code received in the email into the 2FA Code field and press Activate. If correct, 2FA will be enabled, and the “View Codes” button will be displayed.

    image-20251014-133403.png

  3. Finally, the recovery codes that appear when clicking on “View Codes” must be securely stored.

    image-20251014-131858.png

Once activation is completed, each time you log in to GlobalSuite®, the system will send an email with the code.

image-20251014-133929.png

2FA Disabling

Disable Mandatory Two-Factor Authentication

To disable Two-Factor Authentication when it is mandatory, the environment Administrator must follow the steps indicated in the 2FA Configuration section, then select the Disabled value from the dropdown and save the change.

image-20251014-134301.png

Disable Optional Two-Factor Authentication

To disable Two-Factor Authentication when it is optional, follow steps 1 and 2 of the 2FA Enabling - Optional section, then click the Disable Two-Factor button.

Subsequently, confirm the action by clicking the Accept button in the pop-up window.

att_22_for_1362985049.jpeg