Authentication

All of Nortech’s Cloud applications use the same state-of-the-art authentication method. All users that access these applications need to have a Nortech account and the specific permissions to said applications, which can vary depending on the application.

By default users are manually configured by the Nortech staff. To update user management settings or troubleshoot any security issues, contact us at support@nortech.ai.

Login

When logging in into a Nortech Cloud application a login page with the following format should appear.

The default method of logging in is an email/password authentication. After the user inserts their email into the input they will be prompted to insert the password.

Registration via Email

When requesting Nortech to create a new user account, the Email address of the user and, optionally, their name should be provided. Once the setup is completed the user should receive an email from no-reply@nortech.ai, as seen bellow. This email contains a security code that is necessary to complete the user registration.

By clicking the Complete registration button in the previous email, the user will be redirected to a web page where the security code should be added, if not already. To complete the registration it is necessary to add a password that complies to the security checks.

Registration with Predefined Password

In cases where its not possible for a user to be associated with an email address, it is possible to create a user with a predefined password. When requesting Nortech staff to create a new user account, a temporary password will be provided. With this password the user is able to login into any accessible Nortech Cloud application. Upon login they will be prompted to update their password to one of their choosing.

caution

This method is not recommended due to higher security risks.

Self-Registration

It is also possible to setup an Organization’s settings in a way that users are able to self register into the platform. This can be done in 2 ways: via Email domain or via an external Identity Provider. To configure these settings contact the Nortech staff.

Via Email Domain

In this setting it is possible for users to register themselves as long as they have a valid email address in the respective Organization. To enable this setting it is necessary to provide Nortech with a list of valid email domains of the Organization. Users that try to login, for the first time, into a Nortech Cloud app with an email address that contains one of those domains, will have to fill the following form.

After the form is completed the user will receive an email containing a security code similarly to the Registration via Email. To finish the registration click the Complete registration button the received email or copy the code into the Code input.

Via external Identity Provider (IdP)

If an organization already has its own internal user management system with an Identity Provider (IdP), it can seamlessly integrate this IdP into the Nortech platform. The platform supports all standard IdPs, including popular providers like Google, Microsoft Azure AD, Apple ID, Okta, Auth0, Github, Gitlab and others, as long as they support OpenID Connect (OIDC), Active Directory/LDAP, or SAML SP protocols. This ensures broad compatibility and flexibility for organizations using a wide range of identity solutions.

To setup this method, all relevant information (attributes, secrets, etc…) regarding the protocol must be provided to Nortech. To troubleshoot this step contact us via the provided email address.

After the setup is complete, the configured IdP’s should be available in the login page.

Two-Factor Authentication (2FA)

When registering into the Nortech platform the user will be prompted to choose a 2FA method. By default this step can be skipped, although it is possible to make it mandatory by contacting the Nortech staff. Currently there are three 2FA methods supported.

Device Passkey

This method creates a local key in the user’s device which is attached to their biometric data (like fingerprint or faceID). See here for more details.

One Time Password (OTP) via Email

If this method is setup, every time a user logs in they will be prompted to insert a security code. This code is sent to the user’s email address and has a expiry time of 5 minutes.

Alternatively, the user can also click the Authenticate button to finish the login process.

Authenticator Apps

This method allows the user to authenticate using authenticator apps like Google Authenticator or others. When logging in for the first time the user will be prompted to scan a QR Code in their Authenticator app or manually insert the secret value. After this the app should provide a temporary security code that should be inserted in the Code input.

With every new login, the user must check their Authenticator app for the respective Nortech temporary code and insert it in the Code input.

caution

The Nortech app might be identified as “ZITADEL” in the Authenticator app.

Login​

Registration via Email​

Registration with Predefined Password​

Self-Registration​

Via Email Domain​

Via external Identity Provider (IdP)​

Two-Factor Authentication (2FA)​

Device Passkey​

One Time Password (OTP) via Email​

Authenticator Apps​