For the backend (author or collaborator access)
Username & Password
By default, access to BRYTER is protected through a username and password combination. The username and password authentication mechanism authenticates you with your username and password credentials that are stored in an access management user repository. Password policies for custom password rules for your authors, can be configured individually based on your requests. We recommend following our password recommendations.
Please note that the following concepts are considered premium features which need to be enabled by your dedicated customer success manager. For further information, please reach out to your BRYTER Customer Success Manager or firstname.lastname@example.org. Additional pricing may apply.
Two-Factor Authentication (OTP)
For additional security a two-factor authentication may be activated. This requires you to enter an additional one-time password (OTP) before logging in to BRYTER. These one-time passwords can be generated by Google Authenticator or FreeOTP. The OTP policy can either be time based (TOTP) or counter based (HOTP). To enable OTP, please reach out to your Customer Success Manager.
Single Sign On (SSO)
BRYTER also supports Single Sign On (SSO). SSO is an authentication process that allows you to access multiple applications with one set of login credentials. BRYTER's supported protocol is SAML 2.0. To enable SSO for your backend, please reach out to your Customer Success Manager.
For the frontend (user or tester access)
Private URL & One-time Link
By default, each published or user-facing module is protected through a unique and impossible-to-guess Hash ID in its URL (Private URL). Thus, the interface cannot be queried by search engines or be accessed without knowing the exact string. To add an extra layer of security, it is possible to generate a one-time URL through an API with a limited lifetime: once loaded, the one-time link expires and cannot be used anymore. Please reach out to your Customer Success Manager for more information.
IP Range Protection
The access to a specific application/interface may also be limited to a specific IP or IP ranges. This is especially useful to limit internal access and control internal access management (e.g. relevant for BRYTER modules embedded in your intranet).
For additional security each interface may be protected through a password login. The password can be set and changed for each application separately. Password policies can be configured individually based on your requests. We recommend following our password recommendations.
Username & SSO
The password protection may also be combined with an author-based login (author and password authentication mechanism) or SSO (as described above) to limit the access to a BRYTER module.