Ziflow administrators can enable security settings that vary by plan level.

Depending on the type of your Ziflow subscription you may see different options:

  1. Allow embedding the Ziflow application - embedding the Ziflow application in an iframe makes it susceptible to the click-jacking security vulnerability. You can decide which parts of Ziflow could be embedded:

  2. Allow to keep users logged in - if enabled users will be able to select the “Keep me logged in” option when logging in to the platform which will keep their session for 7 days.

  3. Keep authentication session - this setting lets you define after what time the user session is stopped. (Enterprise edition only)

  4. Disable user account when inactive - this option automatically disables inactive users after a set period of time. (Enterprise edition only)

  5. Account lockout - when turned on users will be locked out when 5 times provide the wrong password. System admins may enable the locked-out users. The feature is not being supported is users are authenticating with SSO.

Did this answer your question?