TABLE OF CONTENTS
You can manage your organization via the Organization Setup Screen.
The organization Setup page allows you to view and control company details such as name & logo and regional date, time & measurement settings, and more advanced settings such as metadata, email addresses, and API access.
Also, on various pages, you'll be able to view your company's status pertaining to page viewed, including user audits.
Edit Organization
Basic Settings
This section lets you maintain your organization name and description, as well as upload your company logo and letterhead. The images must be in PNG format and no larger than 1000 x 300 pixels.
| Name | Enter the name of your company. |
| Description | Enter a brief description of your company. |
| Logo Image | Upload your company's logo, which will display in the app/on devices. |
| Letterhead | Upload your company's letterhead, which can be used when printing or exporting from uploads. |
Regional Settings
Here you can specify your regional settings, including location, time and date formats, measurement system and the first day of the calendar week. Please note that this affects the web dashboard only; the formatting within the app is changed by the settings available within Basic Settings on the App Setup page.
| Country | Country in which your organization is located. |
| Default Time Zone | The default time zone controls the time you see the data and time entries. It automatically takes into account daylight savings time when active, if you select a region that uses it. |
| Date Format | Enter the format you would like dates to be displayed. Valid options are: d, dd = day ddd, dddd = day of week M = month y = year Examples: MM/dd/yyyy, dd-MMM-yyyy |
| Time Format | Enter the format you would like times to be displayed. Valid options are: h = hour m = minute s = second tt = A.M. or P.M. h/H = 12/24 hour hh, mm, ss = display leading zero h, m, s = do not display leading zero Examples: HH:mm, hh:mm tt, HH:mm:ss |
| Measurement System | Controls whether measurement values are displayed to users with metric or imperial system units (e.g. meters vs feet). After changing, please check anything that relies on measurements to ensure their values are correct e.g. "Must Complete Within" on tasks and Location fields on screens. |
| Start of Calendar Week | Choose how calendars across the platform should display the start of the week. |
Email Options
| Default Sender Email / Name | The default sender’s name and email address will be used on any automated emails sent by the system. This field can be left blank if preferred. NOTE: Emails may be rejected by the recipient email servers if you do not have an SPF record set up for the sender's web domain. |
| Send Invite Emails To | All User Invite or Reactivation emails will be sent to the email address defined. If this field is left blank the email will be forwarded to the invited user. |
| Reroute Password Resets | By default, the system will send Forgot Password emails to the user’s email address enabling them to self-reset their password. Check this box if you wish to prevent this behavior from happening and instead send Forgot Password emails to the ‘Send Invite Emails’ name and email address. |
| Send Notifications To | Emails will automatically be sent to the given comma or semicolon separated addresses when errors and other important events occur. These events can also be seen in the Notifications area found on the web portal. If no email address is defined then notifications will not be sent via email but they can still be viewed in the Notifications area. |
Advanced Options
| Metadata | Add additional information about this organization by specifying key/value pairs. These values can be accessed across the platform by using the ORGMETA('key') formula function. |
| Extra User Info | Add custom properties to display against the User record, enabling additional information about the User to be captured. You can link this field to an existing data source for a predetermined list of values. Values can also be accessed via the USERMETA('key') formula function, using the 'Field Name' as the key. Used to set the same metadata for all users that can be manually edited at a user level, which takes precedence. Supports static and data source driven values. |
| Purge Trash After | Items that are removed (trashed) remain available for recovery from the Trash Bin area. By default, the system permanently deletes Trash items after 30 days. Change this value if you wish Trash items to be deleted sooner. |
| Fill Repeat Rows on Export | Repeated data (e.g. repeatable pages in a Form entry) is exported by the platform as separate rows for CSV and other tabular formats. When this option is selected, all non-repeat answer values are copied down into each repeat row. This can be useful for cases where other systems are importing these tabular exports, and those systems need to process all answer values on every repeated row. If you wish to instead have blank cells for non-repeat answers in repeat rows, unselect this option. Turning off this option effectively provides a grouping mechanism within the tabular export, with only repeat answer values populated in repeat rows. This can be useful for cases where the exported tabular file is being reviewed by humans instead of machine imported. Example:  |
| Auto-Complete Tasks | If selected, every Task will automatically be marked as complete when the assigned user checks off all activities on the Task. If this option is not selected, assigned users will need to manually confirm completion of each Task. This can be useful when you wish to allow the user a chance to add notes on Tasks prior to marking as complete. |
| User Time Zone on Exports | Enable this option to ensure that data exports apply the time zone of the submitting app user instead of the organization time zone. Be sure to specify a time zone for each of your App users via the Edit User page. |
| Require Login For File Links | For ease of use, images and other files captured in Forms through Media, Attachment and other fields are accessible anonymously via the unique link to the file. The file link can also be generated via our FILEURL() formula function. This option disables all anonymous access to such files, instead requiring a valid user login in order to view these files. |
| Primary Access URL | Your account's primary access URL to FOF's servers/your account's web portal. (required) |
| Secondary Access URL | Enter in a second access URL/valid domain for the web portal that points to FOF's servers. (optional) |
| Tertiary Access URL | Enter in a third access URL/valid domain for the web portal that points to FOF's servers. (optional) |
Integration Settings
API Keys
| Company ID | Your company's unique ID, normally required when using our API Explorer. |
| Private Token | Useful for external integrations, where a shared private token is needed for authentication. This is system generated by default, but you can specify a value from an external system/integration if you prefer. Automatically included in Hosted GET calls for this reason. Accessible via the {{%PRIVATETOKEN}} builtin for use in REST connectors. |
| API Full Access Keys | Data marked as personal/sensitive will be returned as plain text in responses. Maintain your integration by using one key when regenerating the other |
| API Anonymize Keys | Data marked as personal/sensitive will be converted to a non-human-readable format in API responses. Maintain your integration by using one key when regenerating the other. |
| Enable User API Keys | By default, API access is available using organization level API keys, however, these keys give full access to all API endpoints without restriction. When integrations are being built by internal developers this is generally not an issue, however, if you need to provide external/third-party integrators with API access then more granular control will be needed. You can enable granular control via this option, which activates the ability to generate API access keys on a per user basis. When our API is accessed via a user API key, our system automatically applies the access level and permissions of that specific user to their requested API operation. For example, if the given user has an access level of Read-Only, then API calls using their access key will only be permitted to perform GET operations on our API endpoints. Similarly, if the user does not have permission to access Data Sources, then all attempts to access our Data Source API with their key will be refused. In this way, you can set up a dedicated, access restricted user for your external developer and easily control which API calls they are able to make. |
Global Service Endpoints
| Form REST Connectors | Specify a global REST endpoint for use by REST Form connectors. |
| Task REST Connectors | Specify a global REST endpoint for use by REST Task connectors. |
| Data Source Sync | Specify a web service endpoint that can be used globally by Platform Sync and connectors in Data Sources. |
| Mapping Tiles For App | System-provided map tiles are used by default on the app for displaying maps to users. If you wish to use your own custom map tiles (e.g. from a GIS system), then specify a URL template here. The URL must contain {z}, {x} and {y} placeholders, representing the zoom level, X and Y decimal coordinates to be passed to your tile source provider. Some examples: https://tile.openstreetmap.org/{z}/{x}/{y}.png https://[host]/arcgis/rest/serv/map/tile/{z}/{y}/{x} |
Email Service
| Add Service | Add a SendGrid Email Service to manage the sending of system emails. |
External User Authentication and Provisioning
| Add Connector | Authenticate your users against an external system - e.g., a web service or enterprise identity provider. User passwords are never stored on our platform when external authentitcation is configured. Connectors: REST Okta Azure Active Directory Ping Identity |
Security
General
Session Expiry | Specifies the maximum amount of time that a user session is permitted to remain logged into the web portal without any activity. Upon expiry of this timespan, the user will be automatically logged out. |
| App Session Expiry Time | Specifies the maximum amount of time that a user session is permitted to remain logged into the app without any activity. Upon expiry of this timespan, the user will be automatically logged out. |
| Password Policy | The password policy enforced for all users on the platform when they set/change their password. All passwords are also checked against a list of common passwords that are not allowed. Basic A simple 6 character minimum password policy. NIST SP 800-63 A phrase-based policy that is human-friendly yet still hard to crack. OWASP 2017 A strict policy which favors complex passwords that are hard to break (but also harder to remember!). |
| Password Length | If required, define a larger minimum password length than the one in your selected Password Policy |
| Password Expiry | Select the length of time user passwords will be valid. Users will need to set a new password when it expires. i.e. 14 days, 30 days, 90 days, 180 days, 1 year, Never. |
Two-Factor User Authentication
| Enable/Disable 2FA | Enable two-factor authentication for your organization so that users have an additional level of identity verification required for logging in. This is an added security for your organizational data. Options:
|
| Verify User On | Specify when the user should be challenged to verify their identity via two-factor authentication (2FA). By default, we require a verification code when the user first registers for 2FA and once per app install thereafter. For additional security, you can require every login be verified - for Portal users specifically or for all users. NOTE: If you choose to require verification on every app login, your users will always require an internet connection in order to verify their 2FA code. |
| Authenticator | Specify your preferred authenticator app, which will be recommended to your users during their 2FA registration process. |
IP Whitelisting
| Add Rule | Optionally create rules that apply access restrictions to the specified areas based on the IP address of the requesting user or program. If no rules are defined for the given area, then all IP addresses are permitted. NOTE: Users with Enterprise Admin access level are exempted from Portal restriction rules to ensure continuity of access. |
Customize Messages
Message Settings
| Default Sender Name | The default "From" name used on any automated emails sent by the system. |
| Default Sender Email | The default "From" email address used on any automated emails sent by the system. NOTE: Emails may be rejected by recipient email servers if you do not have an SPF record setup for the sender web domain. |
Email Subjects & Bodies
| Email Subject | Customize the subject of emails sent from the platform. |
| Email Body | Customize the HTML body of emails. |
Connections
| Add Connection | Add Connections to authentication communication between external systems for Form and Data Source Connectors to push or pull data. i.e., Amazon Web Services, Google, OneDrive, SQL Server, and more. |