TriLine Integration with Identity (Including MFA) and migration plan for all the TriLine customers
With the latest release, a new integration with Multifactor Authentication (MFA) has been implemented, ensuring that all TriLine customers can benefit from this enhanced security feature. By enabling MFA across all sites, our customers can effectively mitigate the risk of account takeovers and bolster the overall security of their user accounts. In an era marked by a rise in cyber security breaches, it becomes imperative to fortify user data with additional layers of protection. This integration aligns with our commitment to safeguarding users and their valuable information
Please note: All the existing TriLine customers will be migrated to the Identity sites and this migration will be performed in Phases (If you want to be in Phase I then please reach out to us at [email protected])
Upon completion of the migration, customers will observe the following changes:
A universal login page for Anasarada will be displayed when accessing TriLine.
Users will now log in to TriLine using their email addresses.
TriLine customers will have the option to enrol in and utilize Multi-factor Authentication (MFA) for new users. MFA functionality will only be enabled upon request. If a customer does not require MFA, it will not be activated for their account.
When a new user is created in TriLine, they will receive an invitation email allowing them to sign up. They will be responsible for providing their essential details, such as their name, and creating their own password. Previously, this process was handled by the TriLine Administrator on behalf of new users.
Users will have the capability to change their password using the Identity Recovery Password Flow.
If your site already has Single Sign-On (SSO) implemented, there will be no changes to the login process.
Here are some Frequently Asked Questions for TriLine customers:
How it will look when an existing user will log into the Identity site?
The old TriLine login page will be replaced by a universal Ansarada login page that will appear on the login page to access TriLine as shown below:
What will the login process look like for a non-SSO customer accessing TriLine through the Identity site?
When a non-SSO customer attempts to log in to TriLine, they will be required to enter their email address and password in the provided fields, as depicted in the aforementioned example.
What will the login experience be like for an SSO user accessing TriLine through the Identity site?
If you are already using SSO, there will be no changes to the login process on your site.
When an SSO user logs in to TriLine via the Identity site, their login will be handled by your organization's SSO. They will be presented with a dialogue box asking for their Email and Password. However, once the user enters their email address, the Password dialogue box will be hidden.
SSO users only need to provide their email address, which will be detected by their SSO. They do not need to enter a password. After entering their email address, they will be directed to the TriLine My Summary page.
See the example below:
4. What happens when a new TriLine user/position is created?
There have been modifications to the process of creating new positions. The TriLine Administrator is no longer required to provide information such as first name, last name, password, and user ID. Instead, when a position is created, the Administrator is only required to fill in the following details, as illustrated in the example below:
Once the profile is created. An email notification will be sent out as per the screen capture below:
The new user has to complete their TriLine profile, which requires them to fill in their first name, Last name and create their password.
After following these steps the users will be able to login successfully in TriLine:
5. Does that mean that the User ID field will be completely removed from the position table?
Yes, the User ID field will no longer be available as now users will be able to log in using their email address. As shown below:
The only fields that will be available under the position tab are:
Title
First Name
Surname
Email Address
6. Can we have multiple roles for 1 email address?
Yes, Multiple roles can be created using 1 email address. You can easily change the user from the Profile Tab on the upper right-hand side.
You would be able to select the position as shown below:
7. How will this work for SSO clients with multiple profiles?
If you already have SSO then you can directly change the profile as shown above and login as the desired position. You can jump from one profile to another in a matter of a click. You will no longer be required to enter a password every time to switch to another profile.
8. Can TriLine customers use SSO?
After integrating with Identity, customers can follow the current process of Identity to enable SSO. (Request us via Support ticket, all the works are done from the Identity side)
We only have SAML SSO at the moment. We are always considering improvements in this area and would love to hear your feedback or requirements. Please let us know by sending us an email at [email protected].
Please check our Page on Single Sign On FAQ- SSO FAQ
9. Which URL is used to log in for Trilline users after integration?
The user would go to the usual Trilline login URL (Example demo: https://demo.triline-grc.net/xxxxx)
then he will be redirected to ULP (at: https://auth.au.ansarada.com/login?…..).
10. I updated my first name / last name on the Profile page of Ansarada, why don't I see it updated in Triline?
The system will sync this info every time the user login to Triline. So need to log in again to see them updated.
11. How to change your Password? (if you are not an SSO user)
If you are not an SSO user and you need to change the Password then you can change it easily by putting your email address and then clicking on ‘Don’t remember your password?'. Once done you will receive an email prompt as below to reset your password.
Once done you will receive an email prompt as below to reset your password. The link expires in 2 hours so you need to reset the password before it expires.
Please note: If you are an SSO user you don't have to worry about creating or changing the Password as it will be taken care of by your SSO and you will be able to log in through your SSO password.
12. How to give access to External Auditors?
In order to grant access to external auditors, the process involves creating their profile in TriLine using their external email address. Subsequently, an email containing a link will be sent to the auditor, enabling them to complete their profile set-up and establish their own password. Once this process is successfully completed, the external auditors will have convenient access to TriLine.
To revoke access for an external auditor, simply mark the position as obsolete. This action will effectively terminate their access to TriLine.
It is important to note that if your external auditor has already been approved in Identity, they will not be required to create a password. They can simply use their email address to log in to your site without the need for a password. For further details, please consult TriLine support.
13. What would be the login process if I use more than one Ansarada Products?
If you utilize multiple Ansarada products such as Board, Data Room, GRC, ESG, OpRes, and others, the login process is straightforward. You can access all these platforms using just one password. This unified login approach eliminates the hassle of remembering and managing multiple passwords for each product, making the login experience much simpler and more convenient.
If you have any other questions in relation to this then please feel free to send us an email anytime at [email protected].