/onestopreporting/help/management/customer-settings section 2026-01-16T14:27:01+01:00 # Customer settings ## Distribution settings ### General: Use labels to filter reports > [!IMPORTANT] > Only administrators at the top (customer) level are able to edit this setting. If you turn on the **Use labels to filter reports** checkbox, you can use labels to distribute specific reports to specific users. Report labels are selected for each report and role, then users are added to roles. Which reports the user will have access to depends on the user\'s role. ### Allow users to receive reports from OneStop Reporting 1. Go to **Administration**. 2. Click the top (customer level). 3. On the **Customer settings** tab, click the  **Edit** button. 4. Select the **Allow receiving reports from OneStop Reporting** check box. You now allow users to receive the standard OneStop Reporting reports to their libraries. > [!IMPORTANT] > For new customers, this will be turned ON for all clients. The setting can be applied at the top (customer) level for all clients, or you can adjust the setting for each client. ### Distribution mode **Distribute all reports:** Users will receive all the standard OneStop Reporting reports to their libraries. **Only distribute selected reports:** An administrator can decide which reports will be distributed from the **Distribution** module. ## Security settings ### Portal sign-in: Require Multi-Factor Authentication for all users Enable the **Multi-factor authentication** checkbox to require all users to set up and use Multi-Factor Authentication when signing in to the portal.  **A Multi-Factor Authentication policy is now enabled for this organization. All users must use MFA to sign into the underlying clients and groups.** > [!TIP] > For more information about [Multi-Factor Authentication, click here](./multi-factor-authentication). ### Azure Active Directory Require Azure Active Directory (AAD) sign-in for all users: 1. Enter the domain(s) to require Microsoft sign-in for all users. **NOTE:** The domain(s) you enter here, *must* be an Azure Active Directory domain(s). 2. Click **Add**. **Now all users are required to use their Microsoft account to sign in to OneStop Reporting.** > [!TIP] > If users have access to multiple clients where one requires Microsoft sign-in and another does not, then they are required to sign in again when switching to the client that requires Microsoft sign-in. /onestopreporting/help/management/customer-settings/multi-factor-authentication page 2025-10-07T14:21:26+02:00 # Multi-Factor Authentication ## How can I enable MFA in OneStop Reporting? Multi-factor authentication cannot be managed in the OneStop Reporting portal; this must be done in Connect (Visma Home). [Click here to log in to Visma Home](https://home.visma.com/home). We also have a knowledge article here [Open](https://kundeportal.vismasoftware.no/s/article/Aktivere-2FA?language=no) that explains how to set it up in Visma Home. ------------------------------------------------------------------------ ### User signs in to OneStop Reporting with Multi-Factor Authentication 1. In the **Username/Email** field, enter your email or username. 2. In the **Password** field, enter your password. 3. In the **Verification code** dialog, enter the code from your authenticator app. 4. Click **Verify**. If you do not have a verification code, click the **Do not have a code?** link to read more about the MFA setup check link: [Open](https://kundeportal.vismasoftware.no/s/article/Aktivere-2FA?language=no)) ------------------------------------------------------------------------ ### What is Multi-Factor Authentication Multi-Factor Authentication, (2FA), (MFA) is an enhanced security system that verifies a user's identity by requiring two or more forms of authentication. Rather than just asking for a username and password, MFA requires additional credentials, such as a code from the user's smartphone. MFA is an effective way to provide increased security. Usernames and passwords can be stolen, and they have become increasingly susceptible to brute force attacks. MFA creates multiple layers of security to help increase the confidence that the user requesting access is actually who they claim to be. With MFA, even if an attacker manages to learn the user\'s username and password, it is useless without also having possession of the additional authentication method. In OneStop Reporting, MFA works by requiring two authentication methods: - Something you know (username and password) - Something you have (an authenticator app on your mobile device)  ## What is an authenticator app and how does it work? An authenticator app is usually installed on a smartphone and you scan a barcode or enter a key to create an account. After the account is created, the authenticator app generates a 6-8 digit passcode every 30 seconds. The passcode can, for example, be used for login as an extra authentication method in addition to a username and password. The passcodes are generated from a secret code that is shared between the service you are using, such as OneStop Reporting, and your device, as well as the current time.  *Google Authenticator app example* ## Where can I get an authenticator app and which one should I use? There are a variety of authenticator apps you can download to your phone from **Google Play** and the **IOS App Store**, but we recommend that you use **Google Authenticator** or **Microsoft Authenticator**, as those are the ones we have fully tested our MFA solution on.  For more information about installing and setting up an Authenticator app, see [Install and set up Authenticator app](../../../user-settings/my-profile/install-and-set-up-authenticator-app) ------------------------------------------------------------------------