Overview

This article walks you through navigating your account preferences, setting up user accounts for your employees, and provides resources for additional network security.


My Account

Navigate to Control Center - My Account.

This includes your personal information, as well as a link to change your password, your personal API key for initiating API integrations (not to be given to 3rd parties, such as Partners or Advertisers). If you are a Partner or Advertiser manager, you will also see a Partner/Advertiser sign up link that will automatically list a new Partner/Advertiser sign up under you, provided their application is accepted.

Default notifications have been selected for your account. If you wish to customize these notifications to your preference, select the toggle to the right of the action that represents your desired deliver method/s. 

Please Note: After 25 unsuccessful login attempts, the user will have to wait 10 minutes before being allowed to try again.


Setting up Employee Accounts

Navigate to Control Center - Accounts.

Accounts is where you can create, delete and manage the access of employees by setting their roles. Only Administrators have access to the Roles section.

Who is an Administrator? Refer to the rightmost column under a user's name. Administrators are marked with a green tick and "Yes".

Partner Manager - If Global access is selected, the Partner Manager can see stats for all other Partners that are not assigned to them. If Limited is chosen, the Stats in their reports will be for their own Partners only.

Default Partner/Advertiser Manager - This setting assigns the employee as manager for new Partners and/or Advertisers when the sign-up link is used. Please note that there can only be one default Partner/Advertiser manager for each Everflow account.


Managing Employee Permissions

Navigate to Control Center - Roles <<need Admin access to add an employee>>

This is where you'll define your user's access to sections of the platform. Roles can be created for any Employee type. If you are an admin, you can create new roles and manage what left side menu items are visible to the Employee. Sections of the UI can be hidden for sensitivity reasons, or to simplify the dashboard of a user with a very narrow focus. When creating your Role, you will see a drop down menu asking you to select whether the permission should include the ability to edit and make changes (Full Access), or the permission is to simply view the section (Read Only).


Employee Account History Log

Navigate to Control Center - Accounts - History tab

History is where you can view any modifications made within the platform by specific employees and timeframe.


Best Practices for Employee & Network Security

Your login password and API Key are extremely confidential, and need to be protected and stored securely. This section will review default security features, as well as optional tools that can be enabled by request.

Password Protection

Passwords must have at least eight characters, and include at least one letter and one number. Passwords are hashed and salted, and are never stored in plain text, so it is impossible to access any password from Everflow servers.

Recommendations:

  • Create a password that is unique to Everflow, instead of one that you use for other platforms

  • Use special characters

If you believe that a password may have been compromised, please reset the password immediately by using the “Forgot Password” button on the login page, or by navigating to Control Center > My Account. A Network User with Admin privileges can reset the password of any Network User.

API Keys

API Keys are generated/reset upon request, and sent directly to the Employee User using Confidential Mode in Gmail. This requires you to provide a phone number so that you may receive a unique code that allows you to view the email containing the API Key via SMS.

We strongly recommend applying an IP whitelist, which ensures API calls can ONLY be made from the IP addresses on the whitelist. Reach out to the Customer Success team with the IPs to be whitelisted.

If you believe that an API key may have been compromised, please reach out to Customer Success immediately to reset the key.

Security Features

Everflow offers built-in login security tools that are enabled upon request. We strongly recommend reaching out to Customer Success to have these features enabled.

  • 2FA (2-factor Authentication)

    Once enabled, all Employee Users will be asked to download the Google Authenticator App (available for Android and iOS). Each time a Network User logs in, they will be required to enter the code from the Authenticator.

    • 2FA may also be activated for Partners and/or Advertisers.

  • Session Timeout

    Once enabled, Employee Users are automatically logged out after a designated period of inactivity.

  • Review Employee User access quarterly.

    This task includes deactivating old employee accounts, having employees look through their login logs for any anomalies, and to view their History for any API access anomalies.


NEED HELP? OUR CUSTOMER SUCCESS TEAM IS HERE FOR YOU!

We've assembled a superstar team of industry veterans that are available around the clock to make sure that your issues are resolved and questions are answered. You can reach out any time in-platform via Chat or by emailing support@everflow.io.

Did this answer your question?