Access and Authentication

In Waidok, access to the system is exclusively through an email and password-based user account, with no two-factor authentication in this version. Here are the key points of this process:

• Access point
  Access to the system is made from the login URL:
  https://waidok.cloud

• Required credentials

  • E-mail: used as a unique identifier.

  • Password: set by the user the first time he/she logs in (or assigned by the administrator).

• Provisioning of accounts

  1. The administrator creates the user account from the "User Management" module, indicating e-mail, name and role.

  2. An email is automatically sent with a unique link to set the password (valid for 24 hours).

  3. The user sets his or her password and can then access the system.

• Password Policy

  • Minimum length of 8 characters.

  • It must include uppercase, lowercase, numbers and a special character.

  • History that prevents reusing the last 5 passwords.

  • Account lockout after 5 failed attempts (automatic unlocking after 15 minutes or by administrator).

• Session management

  • Sessions expire after 30 minutes of inactivity (configurable).

  • The user can log out manually; this invalidates all tokens on the server.

  • The number of concurrent sessions per user can be limited to enhance security.

• Future integration options
  Although there is no two-factor in this release, Waidok is prepared to integrate at a later date:

  • LDAP/Active Directory: corporate authentication delegation.

  • SSO/SAML: single sign-on from external portals, respecting roles and groups.