Credential Management

There are different ways to authenticate to Mailsac services depending on the service being consumed.

Password Change

An account password can be changed on the Website under Manage Account Details. If you have forgotten your password use the Password Reset Form to send a password reset email.

Team users will need to contact the Primary Account Holder to reset their password.

API Key Management

API keys are used to authenticate to the REST API, Email Capture, POP3.

API Keys can be created , regenerated, and deleted in the API Keys and Users section of the Dashboard.

Multiple API Keys

For accounts on Business or Enterprise plans, multiple API keys may be created, each with a unique name.

Having multiple API keys enables:

  • restricted access control

  • usage monitoring

  • separate API Keys for different testing environments

To create an API key, go to API Keys and Users and select “Manage Keys” from the Dashboard. Enter a name for the API Key and select Generate new API key. API Keys may only be viewed once and are not retrievable by the system. API Keys should be treated with the same security considerations as a password.

../../../_images/add_named_key.png

Create new API key

Team Users

Team user accounts may access a subset of Mailsac functionality - almost everything except managing the account, billing, and API keys or user logins. This feature is available on Business and Enterprise Plans.

A team user’s password serves both as the password to the Mailsac.com website and the REST API

Create Team User

Team users can be created from the Dashboard under API Keys and Users by selecting “Manage Users”

../../../_images/create_user_login.png

Create Team User Login

The password for the user login is automatically created. It can only be viewed once.

../../../_images/user_login_credentials.png

User Login Credentials

When logged into the website using an user login, the user session is restricted from:

  • viewing and modifying payment information

  • adding or removing API keys

  • managing account features

  • adding or removing custom domains

Login Using a Team User

Use the Team User Login to sign into Mailsac to login user a Team User

  • Primary Account ID: The primary account name used to sign up for Mailsac

  • User Name: The name of the user login

  • Password: The password for the user

../../../_images/login_using_sub_account_user.png

Login using a Team User.

Reset Team User Password

Team User passwords are generated automatically because they also serve as an API key. In order to reset the Team password the user can be recreated by selecting “Regenerate Password”. This can be done from API Keys and Users

../../../_images/regenerate_sub_account_password.png

Regenerate team user password.

Remove Team User

Team users can can be removed by clicking on the “Delete” button next to the user login on the API Keys and Users page.

../../../_images/remove_sub_account.png

Remove Team user.

SAML/SSO Integration

SAML provides a way for team users to authenticate using a third party identity provider. Mailsac has been tested with Okta, Google Workspace, and Microsoft Cloud based Active Directory products. Other SAML identity providers may work since SAML is based on a standard framework.

SAML Setup

Select SAML/SSO from the Dashboard. Then click the button “Generate SAML Service Provider”.

../../../_images/generate_saml.png

Generate SAML Service Provider

The next screen will contain “Service Provider Info”, which will be required by your identity provider. The section “Identity Provider Settings” will be filled in with information generated by your identity provider.

../../../_images/saml_sso_settings.png

SAML/SSO Settings

The process for configuring your identity provider will vary depending on the identity provider.

Adding SAML Users

In order to login using SSO a team user must be created with a username that matches the name ID returned from the SAML SSO provider. This is typically the username used to authenticate to the identity provider.

After the user is added as a sub account user they will be able to login using SAML SSO.

../../../_images/saml_sub_account.png

Add a team user with the same name as returned by the identity provider

Removing SAML SSO Users

SAML SSO team users can be removed by clicking on the “Delete” button next to the user login on the API Keys and Users page.

Login As a SAML SSO User

The SSO login page, which can be accessed directly or found via the Standard Login, is used for SAML SSO logins.

../../../_images/sso_standard_login.png

Select “SSO Login” to login using SSO

Enter the Primary Account ID, which is the Mailsac username used to configure SAML SSO, and the SSO email or User ID of the SSO user. Select “Generate SSO link” to be redirected to the SSO provider’s login page.

../../../_images/saml_login_page.png

Enter primary Mailsac account ID and SSO email or User ID and select “Generate SSO link”

Once the identity provider has authenticated the user, the user will be redirected back the Dashboard completing the SAML SSO login process.