Logicly’s application authentication procedure is designed to align with the Australian Signals Directorate’s Protective Security Policy Framework (https://www.protectivesecurity.gov.au/) at OFFICIAL:Sensitive level and requires Multi-Factor Authentication to register and log-in to the application.
In order for Logicly to register you for an account, Logicly requires your work email address. Your email address will be used as your login identifier and to communicate with you regarding important events associated with the application such as updates and scheduled outages.
Once you have been registered, you will need to set-up Multi-Factor Authentication in order to use the Online Validator. We have a user guide to help step you through different set-up options: https://docs.logicly.com.au/en/latest/mfa-user-guide/index.html.
The new user’s manager will need to email support@validator.com.au requesting that the new user be registered for an account and confirming which datasets the new user should have access to. If you are unsure who your manager is, please contact support@validator.com.au.
If not already provided, Logicly will request an email address associated with an appropriate Australian jurisdiction (i.e. one of the Australian States or Territories or the Australian Government) for the new user.
An email containing a link to verify the account will be sent to the new user.
The new user will need to follow the instructions in the verification email to begin their registration (please be aware that the access link is only viable for a short period of time). After registration new users will have access to our Authentication System, but they will not have any functional attributes.
The administrators will be notified that the new user has registered and will grant them the correct attributes to access, upload or review the correct file types. A confirmation email will be sent to new the user informing them that they now have access to the Online Validator.
Role-based access is managed by Logicly’s existing Authentication and Authorisation Service (Streuth). Streuth manages the roles a user has, and restricts access accordingly. It also provides for self service user details maintenance, password changing and enforces password complexity and password expiration.
MFA is an additional layer of authentication that works by requiring users to provide verification information (via a device they have) in addition to their email address/password (which they know) when logging in. Taken together these multiple “factors” are used to verify the user. Logicly’s authentication system supports a variety of additional factors, including:
Push notifications
One-time passwords
Security Keys
MFA is required each time a user logs into a Logicly application for enrolled users.
While there are a variety of MFA apps compatible with our system, instructions are available to guide you through setting up MFA push notifications on your mobile device using either the Auth0 Guardian app OR Microsoft Authenticator, as these can be responded to on a mobile device without having to enter a code manually.
For those that would prefer to not use an application on their mobile device, hardware security keys such as the yubico Security Key may be used as an additional factor.
