Account settings

Aha! Whiteboards

Configure the account settings to help your team do their best work. You will also use these settings to manage the account itself — auditing activity, managing user permissions, and securing the account to keep proprietary information safe.

There are three levels of account settings. These correspond to the three levels of administrator permissions: Account, Billing, and Customizations. In this article, we will focus on the Account settings.

Account profile

Your account profile is located in your account settings. From here, you can customize your account's identity. You will need account administrator permissions to access and configure your account profile.

Your account profile is comprised of two parts:

  • Name: The name of your company (e.g. "Fredwin, Inc."). You can enter any name you want to use here.

  • Custom domain: The domain name that you will give to your users to access your account (e.g. "https://yourcompanyname.aha.io."). You select it when you first sign up for Aha! Whiteboards.

It is possible to change your account's custom domain name, but there are a few things to consider before doing so:

  • You can change your account's domain name to anything that has not already been taken by another Aha! account. If the name you want has been taken, please contact our Customer Success team and we will see if we can help.

  • A domain name change will affect any bookmarks and saved links to your Aha! account, including all shared whiteboards. This means that anyone outside your account that has access to a whiteboard via shared links will need new links to continue accessing that whiteboard.

To change your domain name:

  1. Ensure that all other users are logged out of your Aha! account, so they do not receive error messages.

  2. Go to Settings ⚙️ -> Account -> Profile.

  3. Type your new domain name in the Custom domain field.

  4. Click Update account profile.

Top

Security and single sign-on

These settings affect the information in your Aha! account — who can access it and how you choose to share it. Let's start with enabling two-factor authentication.

Two-factor authentication can improve your Aha! account's security by adding another level of protection to the login process. When you first log in, an integrated security platform sends a message to your phone (mobile or landline) asking you to confirm that you are the person who initiated the login. Once you confirm, the login is successful.

If you did not initiate the login attempt, you can deny the attempt and avoid a security breach.

We have integrated Aha! with Duo Security for two-factor authentication. Duo offers several authentication techniques, simple configuration, and a free plan for small teams.

If enabled, two-factor authentication applies to all users in your Aha! account.

Enable 2FA for your account

  1. An Aha! administrator must first sign up for a Duo account. There is no need to add your Aha! users to Duo manually — they will be added automatically the first time they log into Aha! after two-factor is enabled.

  2. In Duo, navigate to Applications and select Protect an Application. Set the Type to Web SDK, and Name your application "Aha!" (or something similar).

  3. Use Duo's default settings and copy the Client ID, Client secret, and API hostname values for when you move to your Aha! account to enable two-factor authentication.

  4. In Aha!, navigate to Settings ⚙️ -> Account -> Security and single sign-on -> Duo Security two-factor authentication.

  5. Enter the values you copied from Duo into the appropriate Aha! fields.

  6. Select whether you want to apply two-factor authentication to All users (including single sign-on) or Username and password users only. Then click Update authentication.

  7. Test the authentication by using a different browser (or a different device), so that you can change the settings if they are wrong. In your alternate Aha! instance, try logging in. After entering your email address and password, you will be prompted to enroll for two-factor authentication.

To configure 2FA for your account, follow these steps:

  1. The first time you log in to Aha! after 2FA has been enabled, you will see a pop-up. Click Start Setup to continue.

  2. You will be prompted to select the device that Duo will use to verify your login attempts. We suggest using your mobile phone.

  3. Enter your location, phone number, and type of phone.

  4. If you have selected your mobile device, launch the appropriate app store to download and install the free Duo app.

We strongly suggest that you tap OK when asked if Duo Mobile should be able to send push notifications to you. This is important because when you log into the Aha! web application, you will automatically receive a notification on your phone. After you hit Confirm on your phone, you will be automatically be logged in into your Aha! web account.

To set up a new mobile device for 2FA, follow these steps:

  • If you replace your device, you will need to reactivate your account in order for Duo's push notifications to function.

  • If your Duo administrator has you set up to manage your own devices, you can do this yourself. Otherwise, you will need to contact the Aha! administrator with admin access to your Duo account to send an activation link to your new device.

Single sign-on

The Single sign-on section of the settings allows you to enable single sign-on (SSO) in your account.

Aha! supports SAML 2.0 and G-Suite as identity providers. Use the Identity provider dropdown to select your preferred identity provider, and follow the prompts to enable SSO and apply it to specific workspaces or parent lines. Click Enable to enable SSO.

Top