This guide shares the steps to manageTwo-Factor Authentication (2FA) on the Karat platform. This content is intended for admins and other users on the Karat platform. 

The Karat Platform supports optional 2FA management at both the user level and the organizational level. This document contains an overview of how to manage 2FA at both levels.

Caution: If your organization has enabled Single Sign-On (SSO) on the Karat platform using SAML 2.0-compliant identity providers (IdPs), avoid setting up 2FA. Users authenticated through SSO will not be prompted for 2FA.

Prerequisites

Before getting started, ensure you have the following:

• Karat Platform login credentials.
• 2FA app: Download a 2FA app on your phone or tablet (Google Authenticator, Authy, or FreeOTP Authenticator app)
• To enable 2FA for your specific groups, you must have the  Admin role.

Organization 2FA Management

If you would like to enable 2FA for your organization, contact the Karat support team.

Group Level 2FA Management

To enable two-factor authentication (2FA) for your specific groups, follow these steps.

Steps to Enable 2FA

1. Log in to the Karat platform.
2. Click Settings in the left-hand menu.
3. Navigate to the Permissions tab.
4. Check the box for all applicable roles within a group to enable 2FA for the organization (each row is a different group). 

Note: Only admins can access the Permissions tab to manage 2FA settings. Group Admins can only manage 2FA settings for the groups they belong to.

For more information about the user types and their permissions on the Karat platform, see How to: Identify user types at Karat 

What Happens Next?

• Once 2FA is enabled, selected users  will be required to set up 2FA the next time they sign in to the Karat platform.
• Upon signing in with their username and password, users will be redirected to the 2FA setup page.
• Users can select the Don't ask again on this computer for 30 days option to minimize the need for entering the 2FA code for a month. If this option is not selected, users will need to enter their 2FA code from the app every time they log in.

Individual User 2FA Management

If your organization or group hasn't enabled 2FA on the Karat platform, but you would like to enable it for your individual user account, follow these steps:

1. Log in to the Karat platform.
2. Click your name at the bottom of the left menu.
3. Click Profile.

1. Click the Security tab.
2. Go to the Two-Factor Authentication section.
3. Follow the steps outline on the Two-Factor Authentication section to setup your 2FA.

Troubleshooting tips for 2FA

If you're having issues logging into the Karat Platform using the 2FA code app, try the following troubleshooting tips:

• Use any standard OTP: From the app store on your phone or tablet, install the Google Authenticator, Authy, or FreeOTP Authenticator app. These apps are recommended for Karat 2FA, as other apps may cause login issues due to timing delays.
• Restart your phone: This will help resync the app with the correct time. If the time isn't synced properly, the authenticator app won't work.
• Turn dark mode off: Some apps may have issues with dark mode that affect the timing of 2FA codes.
• Check your email: Look for an automated email from Karat with instructions to unlock your account.

If you're still having trouble logging in after following the troubleshooting steps, reach out to support@karat.com.