
Authentication & User Management

Veritect AI uses a robust authentication system to ensure secure access to legal data.

Authentication Methods

1. Email/Password Authentication

  • Standard login with email and password
  • Password requirements:
    • Minimum 8 characters
    • At least one uppercase letter
    • At least one number
    • At least one special character

2. Single Sign-On (SSO)

  • Google OAuth 2.0
  • Microsoft Azure AD
  • Custom SAML integration for enterprises

3. Two-Factor Authentication (2FA)

  • SMS-based OTP
  • Authenticator apps (Google, Microsoft)
  • Backup codes for recovery

User Roles & Permissions

Admin Users

  • Full system access
  • User management
  • Billing and subscription
  • System configuration
  • Analytics access
  • Case law search
  • Save searches and documents
  • Create workspaces
  • Export data
  • API access (if enabled)

Associates

  • Limited search access
  • View shared documents
  • Basic export features
  • No API access

Clients (Read-only)

  • View shared research
  • Download reports
  • No search access
  • Limited to assigned cases

Access Control

IP Whitelisting

For enterprise customers:

{
  "allowed_ips": [
    "203.0.113.0/24",
    "198.51.100.0/24"
  ],
  "enforce_ip_restriction": true
}
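
A pre-flight check for the policy above, so that turning enforcement on does not lock out your own offices. This is an added example, not Veritect's code: it assumes the service matches the client address against each CIDR in allowed_ips, and the function names and the /16 breadth limit are illustrative assumptions.

```python
import ipaddress
import json

# Constructed sample: the policy document shown above.
SAMPLE_POLICY = """{
  "allowed_ips": ["203.0.113.0/24", "198.51.100.0/24"],
  "enforce_ip_restriction": true
}"""


def load_policy(text, min_prefix=16):
    """Parse the policy; reject malformed or overly broad CIDR entries."""
    doc = json.loads(text)
    if not isinstance(doc.get("enforce_ip_restriction"), bool):
        raise ValueError("enforce_ip_restriction must be true or false")
    networks = []
    for entry in doc.get("allowed_ips", []):
        # strict=True rejects entries with host bits set, e.g. 203.0.113.5/24
        net = ipaddress.ip_network(str(entry), strict=True)
        # Breadth limit (an assumption of this example) applies to IPv4 only
        if net.version == 4 and net.prefixlen < min_prefix:
            raise ValueError(f"{entry} is broader than /{min_prefix}")
        networks.append(net)
    if doc["enforce_ip_restriction"] and not networks:
        raise ValueError("enforcement enabled with an empty allowlist")
    return doc["enforce_ip_restriction"], networks


def is_allowed(policy, client_ip):
    """Return True if client_ip would pass the policy."""
    enforce, networks = policy
    if not enforce:
        return True
    addr = ipaddress.ip_address(client_ip)
    # Normalise IPv4-mapped IPv6 (::ffff:a.b.c.d) to plain IPv4
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr.version == net.version and addr in net for net in networks)


def lockout_check(policy, egress_ips):
    """List the egress addresses that would be blocked once enforcement is on."""
    return [ip for ip in egress_ips if not is_allowed(policy, ip)]
```

Run lockout_check with every office and VPN egress address before setting enforce_ip_restriction to true; an empty result means none of them would be blocked.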

Session Management

  • Session timeout: 8 hours
  • Concurrent sessions: 3 per user
  • Device tracking and management
  • Session invalidation on password change

API Authentication

API Key Generation

POST /api/v1/auth/generate-key
{
  "name": "Production API Key",
  "scopes": ["search", "read", "export"]
}

Using API Keys

curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.veritect.ai/v1/search

Security Best Practices

For Administrators

  1. Regular Audits

    • Review user access monthly
    • Check for inactive accounts
    • Monitor API usage
  2. Password Policies

    • Enforce password rotation (90 days)
    • Prevent password reuse
    • Use password complexity requirements
  3. Access Reviews

    • Quarterly access reviews
    • Document access approvals
    • Remove unnecessary permissions

For Users

  1. Account Security

    • Use strong, unique passwords
    • Enable 2FA
    • Don't share credentials
    • Report suspicious activity
  2. API Security

    • Store API keys securely
    • Rotate keys regularly
    • Use environment variables
    • Never commit keys to git

User Provisioning

Manual User Creation

  1. Navigate to Admin > Users
  2. Click "Add User"
  3. Fill in user details
  4. Assign appropriate role
  5. Send invitation email

Bulk Import

CSV format for bulk user import:

email,first_name,last_name,role,team
john.doe@lawfirm.com,John,Doe,researcher,litigation
jane.smith@lawfirm.com,Jane,Smith,associate,corporate

SCIM Integration

For automatic user provisioning:

  • SCIM 2.0 compliant
  • Supports user and group sync
  • Real-time updates from identity provider

Troubleshooting

Common Issues

Account Locked

  • After 5 failed attempts
  • Auto-unlock after 30 minutes
  • Admin can manually unlock

Password Reset

  • Self-service via email
  • Admin-initiated reset
  • Temporary password expires in 24 hours

SSO Issues

  • Verify SAML configuration
  • Check attribute mappings
  • Review SSO logs

Compliance

Data Protection

  • GDPR compliant
  • SOC 2 Type II certified
  • ISO 27001 compliant
  • Regular security audits

Audit Logs

All authentication events are logged:

  • Login/logout
  • Password changes
  • Permission changes
  • API access
  • Failed authentication attempts

Access audit logs at: Admin > Security > Audit Logs