Organization settings

The organization settings are found when you click on your account name on the top-right corner of the webapp and selecting Organization.

Projects

Here you see your role in the projects of this organization. As an organization admin you are the only one who can create new projects.

Usage

This is a summary of the overall usage in the organization. The graphs and information on this page are self-explanatory, but for more detailed info you can look up the projects usage docs because it works in the same way.

White-labeling

Do you want the Blockbax Platform shown as your own? Then the white-labeling add-on is what you need. This add-on is billed separately for an additional monthly fee. See our pricing page for more information.

Read the following section to get to know the white-labeling possibilities. White-labeled projects can only be created by your organization admin(s) and can be found at the organizations section.

Configurations

Create your configuration(s) to start customizing the branding of your projects.

Projects

Select the projects you want this configuration to apply to.

Domain

Keep the default domain or choose a previously verified custom domain.

Branding

Web app logo

Select the logo that will be displayed at the top of the sidebar when expanded.

Web app icon

Select the icon that will be displayed at the top of the sidebar when collapsed as well as on the browser tab. It is recommended to upload a square image as your web app icon.

Default logo

Select the logo that will be used when sending out project-related emails for the selected projects.

Custom domains

Create a custom domain to serve the Blockbax platform under your brand (e.g. iot.yourcompany.com).

Domain name

This section contains the domain name and also allows you to configure whether unauthenticated users visiting your custom domain are automatically redirected to the configured SSO provider. Automatic redirection is optional: when you disable it, users visiting your custom domain are presented with the regular login screen instead of being sent straight to your identity provider.

DNS settings

Your custom domain won’t work until you point your custom domain to Blockbax. Follow your domain registrar’s instructions on how to update your DNS records to add NS records for your custom domain for all nameservers below. Be aware that DNS changes can take up to 72 hours to propagate across the internet, although it typically takes a few hours.

• ns1.blockbax.org
• ns2.blockbax.com
• ns3.blockbax.co.uk
• ns4.blockbax.net

For example configuring a custom domain for iot.mycompany.com might be done as follows:

Branding

Upload your own logos to replace the Blockbax logo. You can also upload a custom background image for the login page. Logos can be overridden for specific projects using a white label configuration.

Web app logo

Select the logo that will be displayed at the top of the sidebar when expanded.

Web app icon

Select the icon that will be displayed at the top of the sidebar when collapsed as well as on the browser tab. It is recommended to upload a square image as your web app icon.

Default logo

Select the logo that will be displayed on the login page and in the web app and in emails for projects that are using this custom domain.

Login background

Select the image that will be used as the background on the login page. Make sure to optimize the image to minimize its impact on page loading speed.

Settings

General

Here you can set the name of the organization, see the configured timezone and slug, and configure contacts, single sign-on (SSO), multi-factor authentication (MFA) enforcement and personal access key settings.

Single sign-on (SSO)

This is where you configure the settings to enable SSO. We currently support SAML 2.0 which is supported by most identity providers (IDPs) such as Microsoft Entra ID (formerly Azure AD) and Okta. In this section you can find the Entity ID and Assertion Consumer Service URL to copy+paste in the portal of the IDP and enter the Federation Metadata URL provided by the IDP. Please follow the instructions of Microsoft Entra ID, Okta or any other identity provider to setup SSO integration at their side. To help out, we started to create SSO tutorials to kickstart your SSO integration.

Just-in-time (JIT) provisioning is enabled by default. This means that user accounts are created the first time users successfully log in to the Blockbax Platform through an IDP. Once you configured SSO you are able to define a default role at each project’s SSO settings for these first time users.

When an identity provider is deleted, the accounts that were created through it can no longer be used to log in. To prevent these users from being locked out, configuring a new identity provider automatically reconnects those existing accounts to it, allowing the affected users to log in again through the new identity provider without losing access to their accounts.

Multi-factor authentication (MFA) enforcement

As an organization administrator you can enforce the use of multi-factor authentication (MFA) for the entire organization. When MFA enforcement is enabled, all members are required to configure multi-factor authentication on their account before they can access projects in your organization. We recommend enabling MFA enforcement to help raise the baseline level of account security across your organization.

Personal access keys

Users can create personal access keys to obtain read-only API access to everything they have access to. As an organization administrator you can disallow the use of personal access keys for your organization. When they are disallowed, personal access keys can no longer be used to access your organization or its projects.

Administrators

Here you find the administrators of this organization. Each organization has at least one administrator and an administrator is the only one who can create new administrators. Be aware, administrators are the only ones who can access the organization info.