Many organizations need to manage multiple Ziflow accounts for different agencies, brands, or departments. Trusted Accounts let administrators establish secure trust relationships between these accounts, also known as Partner Relationships.

Available for Ziflow administrators on: Enterprise

Trusted accounts enable:

• Trusted contacts: Active users in a trusted account are automatically synchronized to the trustee account’s contact list.
• Proof sharing control: Admins can restrict proof sharing to users within their own account and trusted accounts only. This ensures proofs are shared exclusively with verified domains and users.
• Authentication: Admins and users can switch between Single Sign-On (SSO)–enabled accounts without re-authenticating each time. This also applies to two-factor authentication (2FA) and trusted device setups.

Important 

• A separate tenant is required if you want to create a secondary or “satellite” account that users can switch between. You cannot create trust relationships within a single account, a second tenant must exist for this feature to work.
• A trust relationship can be established between different domains, not just accounts under the same domain, as long as the trust IDs are correctly exchanged.

Open Trusted Accounts

To open, go to Settings > Security > Trusted Accounts

Your trust ID is at the top of the Trusted Accounts page. Share this ID with other Ziflow accounts owned by your organization to establish trust.
By sharing your trust ID, you allow other trusted accounts to access information about your active users.

When another account adds your trust ID, your active users are automatically synced to their contact list as trusted contacts.

Add a trusted account

1. Select Add Account.
2. Enter the Trust ID of the account you want to trust.
   
   
   
   Ziflow confirms the connection and adds the account to your list.

Synchronization modes

Trusted account synchronization works in two ways:

• One-way trust: Users from your account are synced to all trusted accounts.
• Two-way trust: Both accounts exchange and update user contact lists automatically.
  To enable two-way trust, repeat the process in the other account (add your Trust ID to their Trusted Accounts list). Once mutual trust is established, both accounts stay synchronized.

To check your trust settings:

Look at the Trust relationship column for each trusted account.

We trust them = One-way trust

We trust them and They trust us = Two-way trust

Authentication behavior

When accounts are trusted, users can switch between them without needing to log in again, whether or not SSO is used. This also applies when 2FA is enabled.
For example, if your primary account doesn’t use 2FA but a secondary trusted account does, you won’t need to authenticate again with 2FA when switching.