Configure security settings

You can define the way users are allowed to access your instance on the Security Settings page, accessed via the Admin menu.

Configure SSO (SAML)

You can configure your xMatters deployment to work with SAML (Security Assertion Markup Language). For complete instructions on how to configure SSO for your instance, see Configure Single Sign On with SAML.

Set the password policy

When you create a new account, your password must follow xMatters' default password requirements.

You can set the web/app login password and mobile app passcode requirements for a company using the Security Settings page. The settings on this page determine the rules each user in a company must follow when resetting or changing their login password or passcode.

The password policy settings apply to user web/app logins only; they are not enforced for users added via the Data Synchronization and User Upload features. You can force the expiry and reset of a user's password; for details, see Control a user's access.

Set the web session duration

You can adjust how long a logged-in user can remain inactive in xMatters before they are automatically logged out.

By default, users can have multiple browser sessions open at the same time, provided they do not exceed the maximum session duration. If your organization's security policy forbids users from logging in to xMatters in more than one browser session (i.e., multiple windows or tabs), you can opt in to disallowing concurrent web sessions. To enable this option for your instance, contact Customer Support.