HomeHelp CenterSettings & Administration

Security settings (2FA, audit logs, SSO, data retention)

Two-factor auth, audit logs, SAML single sign-on, and data retention.

2 min read · Updated Jul 4, 2026

Settings > Security has four tabs: Two-Factor Authentication, Audit Logs, SSO, and Data Retention.

Two-factor authentication

The Two-Factor Authentication tab secures your account with an authenticator app (TOTP, such as Google Authenticator or Authy). Scan the QR code, enter a verification code to confirm, then save the one-time recovery codes in case you lose your device (you can regenerate them later from the same tab). Some roles — Owner, System Administrator, and Organization Administrator — are required to enable two-factor authentication and are prompted to set it up at login. An active-session viewer and new-device login alerts are not yet available.

Audit Logs

The Audit Logs tab shows a tamper-evident record of significant actions in your organization (logins, record changes, permission changes, exports). It is read-only and cannot be edited or deleted.

SSO (SAML)

The SSO tab configures SAML 2.0 single sign-on only. Connect an identity provider such as Okta, Azure AD / Entra, OneLogin, or JumpCloud: Tormano gives you the Service Provider details to register, and you supply your IdP's entity ID, SSO URL, and x509 certificate. Enabling Enforce SSO blocks email/password sign-in so users must authenticate through your IdP. (The one-click Continue with Google and Continue with Microsoft buttons on the login page are separate sign-in shortcuts, not configured here.)

Data Retention

Set how long certain records are kept before automatic cleanup. See the Data Retention help for which windows are enforced.