Credential Management

There are different ways to authenticate to Mailsac services depending on the service being consumed.

Password Change

An account password can be changed on the Website under Manage Account Details. If you have forgotten your password use the Password Reset Form to send a password reset email.

Sub-Account Users will need to contact the Primary Account Holder to reset their password.

API Key Management

API keys are used to authenticate to the REST API, Email Capture, SMTP, POP3.

API Keys can be created and deleted in the API Keys and Users section of the Dashboard.

Multiple API Keys

For accounts on Business or Enterprise plans, multiple API keys may be created, each with a unique name.

Having multiple API keys enables:

  • restricted access control

  • usage monitoring

  • separate API Keys for different testing environments

To create an API key, go to API Keys and Users from the Dashboard. Enter a name for the API Key and select Generate new API key. API Keys may only be viewed once and are not retrievable by the system. API Keys should be treated with the same security considerations as a password.

../../_images/add_named_key.png

Create new API key

Sub-Account Users

Sub-Account User accounts may access a subset of Mailsac functionality - almost everything except managing the account, billing, and API keys or user logins. This feature is available on Business and Enterprise Plans.

A Sub-Account User’s password serves both as the password to the Mailsac.com website and the REST API

Create User Login

User accounts can be created from the Dashboard under API Keys and Users.

../../_images/create_user_login.png

Create User Login

The password for the user login is automatically created. It can only be viewed once. The credential can be downloaded as a CSV file.

../../_images/user_login_credentials.png

User Login Credentials

When logged into the website using an user login, the user session is restricted from:

  • viewing and modifying payment information

  • adding or removing API keys

  • managing account features

  • adding or removing custom domains

Login Using an Sub-Account User

Use the Sub-Account User Login to sign into Mailsac to login user a Sub-Account User

  • Primary Account ID: The primary account name used to sign up for Mailsac

  • User Name: The name of the user login

  • Password: The password for the user

../../_images/login_using_sub_account_user.png

Login using a Sub-Account User.

Reset Sub-Account User Password

Sub-Account User passwords are generated automatically because they also serve as an API key. In order to reset the Sub-Account password the user can be deleted and recreated. This can be done from API Keys and Users

Remove Sub-Account User

Sub-Account users can can be removed by clicking on the “Delete” button next to the user login on the API Keys and Users page.

SAML/SSO Integration

SAML provides a way for sub-account users to authenticate using a third party identity provider. Mailsac has been tested with Okta, Google Workspace, and Microsoft Cloud based Active Directory products. Other SAML identity providers may work since SAML is based on a standard framework.

SAML Setup

Select SAML/SSO from the Dashboard. Then click the button “Generate SAML Service Provider”.

../../_images/generate_saml.png

Generate SAML Service Provider

The next screen will contain “Service Provider Info”, which will be required by your identity provider. The section “Identity Provider Settings” will be filled in with information generated by your identity provider.

../../_images/saml_sso_settings.png

SAML/SSO Settings

The process for configuring your identity provider will vary depending on the identity provider.

Adding SAML Users

In order to login using SSO a sub-account user must be created with a username that matches the name ID returned from the SAML SSO provider. This is typically the username used to authenticate to the identity provider.

After the user is added as a sub account user they will be able to login using SAML SSO.

../../_images/saml_sub_account.png

Add a sub-account user with the same name as returned by the identity provider

Removing SAML SSO Users

SAML SSO sub-account users can be removed by clicking on the “Delete” button next to the user login on the API Keys and Users page.

Login As a SAML SSO User

The SSO login page, which can be accessed directly or found via the Standard Login, is used for SAML SSO logins.

../../_images/sso_standard_login.png

Select “SSO Login” to login using SSO

Enter the Primary Account ID, which is the Mailsac username used to configure SAML SSO, and the SSO email or User ID of the SSO user. Select “Generate SSO link” to be redirected to the SSO provider’s login page.

../../_images/saml_login_page.png

Enter primary Mailsac account ID and SSO email or User ID and select “Generate SSO link”

Once the identity provider has authenticated the user, the user will be redirected back the Dashboard completing the SAML SSO login process.