Configure SAML/OIDC SSO and TOTP MFA for tenant administrators and technicians.
Enable MFA for privileged roles first. TOTP challenges are enforced at login after password verification.
SSO connects via your IdP using SAML or OIDC redirect/ACS URLs shown in Admin. Map groups to QS Assets roles carefully before forcing SSO-only login.
See the Security Trust Center for broader encryption, RLS, and audit practices.