Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt

Use this file to discover all available pages before exploring further.

Staff security settings page at /settings/security where authenticated staff users manage their MFA enrollment, app-lock policy, and biometric authentication preferences.

Overview

The Security settings page surfaces MfaEnrollment for TOTP/MFA management, AppLockSettingsSection for configuring idle-lock policy, PIN setup, and biometric enrollment. State is sourced from useAppLockContext. At the bottom of the page, permission-gated cards link staff with pf.security_events.view to security monitoring pages (Security Events, Security Alerts). The route has no explicit RequirePermission guard — standard platform authentication is sufficient.

Who it’s for

No explicit permission gate on this route. Requires an active platform staff session.

Before you start

  • You must be signed in to the platform.
  • A TOTP authenticator app is required for MFA enrollment.

Steps

  1. Navigate to /settings/security.
  2. In the MFA section, enroll or manage your authenticator app.
  3. In the App Lock section, set your idle-lock policy and optionally set up a PIN or biometric method.
  4. Use the linked cards to navigate to Security Events or Security Alert Configuration (requires pf.security_events.view).

Key concepts

MFA enrollment — Managed via MfaEnrollment component; supports TOTP-based second-factor authentication. App-lock policy — Controls how quickly the app locks after inactivity and which unlock methods are available (PIN, biometric). Biometric enrollment — Enables fingerprint or face-based unlock where the device supports it.

Platform Foundation

Platform Foundation overview.

Governance & parity

This page documents shipped product behavior. It is not medical, legal, or billing advice. Verify against your organization’s policies and applicable regulations before using it for clinical, compliance, or billing decisions. Protected health information (PHI) shown in the product is governed by your tenant’s access controls and is never exposed in this documentation.
  • src/routes/platform.tsx
  • src/platform/settings/SecuritySettingsPage.tsx
  • src/platform/auth/app-lock/AppLockContext.tsx
  • src/platform/auth/components/MfaEnrollment.tsx