Access Control settings section enables you to configure security related aspects of Identity and Access Management.

In this article, you can find instructions on:
- [Password settings](/docs/settings/identity-access-management/access-control/password-settings) - To define the strength of user's passwords
- [IP allow-listing](/docs/settings/identity-access-management/access-control/ip-allow-listing) - To define the list of IP addresses from which users can log in to your workspace
- [Domain management](/docs/settings/identity-access-management/access-control/managed-domains) - It is required if you want to have greater capabilities to manage users (registered within the verified domain) in your workspace
- [Single sign-on](/docs/settings/identity-access-management/access-control/single-sign-on) - To allow users to authenticate once with your IdP and then access Synerise or other enabled Service Providers, without the necessity to authenticate with each of those applications separately.

<figure>
<img src="/api/docs/image/54176ad07f146575310749eba44b7c2f42c1b327/docs/settings/_gfx/access-control-general.png" alt="List of access control features" class="full" >
<figcaption> List of the Access Control features </figcaption>
</figure>

## Prerequisites
---
- You must be granted a set of permissions that allow access to Settings and editing within this hub.
- **For Managed domains**: You must have access to domain management or to the root folder in the hosting behind the domain.
- **For Single Sign-on**:
    - You must [verify the ownership](/docs/settings/identity-access-management/access-control/managed-domains) of at least one domain (could be more if needed).
    - Create a backup user that won't be using the same email address in the Identity Provider account. This is not required if you start with the **Both methods** authentication mode (explained in the ["Configuration parameters explanation"](/docs/settings/identity-access-management/access-control/single-sign-on#configuration-parameters-explanation) section). 
    - You must be granted user permissions to access Settings and configure Identity provider.
    - You must have access to Identity Provider's admin panel to configure SAML application.


   <div class="admonition admonition-note"><div class="admonition-icon"><svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24" stroke="currentColor" stroke-width="2.5"><path stroke-linecap="round" stroke-linejoin="round" d="M13 16h-1v-4h-1m1-4h.01M21 12a9 9 0 11-18 0 9 9 0 0118 0z" /></svg></div><div class="admonition-body"><div class="admonition-content">

   <br>You will need the data from the Identity Provider. For details on using the Identity Provider's application, refer to the Identity Provider's documentation

   </div></div></div>