Skip to main content

Authentication and access control

Authentication

Interval actions for an organization can only be accessed through the Interval dashboard for that organization.

Interval currently supports the following authentication schemes:

  • Email/password
  • Sign in with Google
  • SSO

You can sign up or log in with email or Google here. If you'd like SSO to be enabled for your organization, contact us.

As a developer, you don't need to do any additional work to enable authentication for your actions. Just provide an Interval API key for your organization when instantiating the Interval class.

Multi-factor authentication

Interval supports multi-factor authentication (MFA), also known as two-factor authentication, for added account security. MFA can be enabled for individual user accounts and can optionally be enforced for everyone in your organization.

Before using MFA, you will need an app that supports generating one-time passwords (OTP).

For iOS/macOS users we recommend StepTwo. If you are already a 1Password user, you can use 1Password to generate these.

To enable MFA:

  1. Visit your account settings page in the Interval dashboard.
  2. Scroll to the section labeled "Multi-factor authentication."
  3. Click "Enable MFA" and follow the remaining prompts.

As the owner of an organization, you can enforce that all users in your organization have MFA enabled. To enforce MFA:

  1. Visit the settings page for your organization.
  2. Click the "Security" tab
  3. Check the box labeled "Require Multi-factor authentication."

Roles

Members of your organization can be assigned one of four roles. Roles are assigned in the Users tab of the dashboard.

  • Admins can do everything.
  • Developers can run actions in Live mode and can access the Console to develop actions. Developers cannot create Live mode API keys.
  • Members can run actions in Live mode.
  • Auditors cannot run actions, but can view users in the organization and the logs for past transactions.

Permissions

By default, actions can be accessed by anyone in your organization with the requisite role.

Optionally, you can make Teams within your organization. Teams are groups of users. You might have teams for customer support, engineering, ops, and so on.

Once you've created teams in your organization, you can configure individual actions to be accessible only to members of specific teams.

From the configuration page for any action, you can do this by choosing Teams under "Availability" and choosing the teams that should be granted access.

Was this section useful?