Settings

The Settings menu in the My Profile section is only accessible if you are an Account Manager and have the Account Manager permissions. This menu contains options that Account Managers can configure related to logging in to Nintex eSign, and submitting a support ticket. In addition to these settings, there is also an Advanced Settings section that allows you to configure IP Address limiting.

This section of the user guide provides an overview of each setting in the Settings menu, and what that setting does and how it impacts users using Nintex eSign.

Settings

The following table provides information on each option in the Settings menu and provides information on the impact of each setting on the users of Nintex eSign.

Login Type	There are two options available in this field: eSign - This is the standard login type where a user needs to type in a username and password to login. SSO - Adds single sign-on to the Nintex eSign application. For more information refer to Add SSO.
Users must change their password on first login	If this option is toggled to On, then each time a new user attempts to log in to Nintex eSign, they are going to be prompted to set a new password. This option should be used when assigning new users temporary passwords that need to be changed.
When someone enters the wrong user name or password	The following options control what happens when a user enters a password that is incorrect: Allow user to retry Delay after each failure Lockout after 3 failed attempts Lockout after 4 failed attempts Lockout after 5 failed attempts Lockout after 6 failed attempts
How often should passwords expire	Controls how often passwords expire and users are requested to create a new password. This option defaults to 90 days.
A user's password must be at least	Controls the minimum length a user's password must be before it can be used. This option defaults to 8 characters.
How long before a user can reuse a password	After a user's password expires, or the user resets their password, this setting determines when the user is allowed to reuse their current password. This option defaults to 1 new password.
How long after temporary password expiration is a user allowed to request a new password	This option is a buffer for the user to request a new password after temporary password expires before their account is locked out. If this option is set to 7 days that means the user has at least 7 days to request a new password before their account is locked.
Automatically notify an administrator when a user account is locked	If this option is toggled to On, then when a user is locked out of their account an email is sent to the emails entered in the field below.
Enter up to 3 semi colon separated e-mail addresses that should be notified of password resets and other issues	Allows you to set up to three different email addresses that receive notifications when a user requests a new password, or when a user is locked out of their account. This option defaults to support@nintex.com, but it is highly recommended that this email be changed to an internal email in your organization.

Advanced Settings

You may enter ranges of IP addresses to either explicitly allow traffic to your account or to explicitly disallow.

If you enter ranges of IP address from which to allow traffic, then any traffic from an IP address not contained in your listed allowed ranges will be disallowed. For example, users that provide correct credentials to sign into your account but are coming from an IP address not covered by the entered allowed ranges will be told the IP address detected on their session is not allowed.

If you enter ranges of IP addresses from which to disallow traffic, then traffic from IP addresses in the disallowed ranges will be disallowed.

Typically, you would set only one or the other type of IP address settings.

Whited-Listed IP Addresses

All Environments (account.assuresign.net)

52.226.105.198
20.124.114.220
13.64.56.163
52.160.108.234

US West (www.assuresign.net)

52.226.105.199
20.124.6.241
13.64.56.165
104.42.124.13

US East (na1.assuresign.net)

52.226.105.200
20.124.1.55
13.64.56.164
40.78.42.137

Subaccounts (sb.assuresign.net)

13.64.56.160/28 (13.64.56.160 - 13.64.56.175)
52.226.105.192/28 (52.226.105.192 - 52.226.105.207)
104.210.39.191
40.71.190.218
40.117.87.57
168.62.160.179
13.92.47.117
138.91.248.196
137.116.70.238
168.61.21.2
168.62.160.179

Canada (ca1.assuresign.net)

13.64.56.160/28 (13.64.56.160 - 13.64.56.175)
52.226.105.192/28 (52.226.105.192 - 52.226.105.207)
20.48.168.208/29 (20.48.168.208 - 20.48.168.215)
52.228.24.186
52.228.45.249
13.92.47.117
138.91.248.196

European (eu1.assuresign.net)

13.64.56.160/28 (13.64.56.160 - 13.64.56.175)
52.226.105.192/28 (52.226.105.192 - 52.226.105.207)
20.67.66.80/29 (20.67.66.80 - 20.67.66.87)
137.117.160.234
137.117.172.36
13.92.47.117
138.91.248.196

Email Originating Servers

All email originating from AssureSign comes from the following servers:

Primary

50.31.46.119

o1.email.assuresign.net

Secondary

198.2.179.85
o2.email.assuresign.net

Add SSO

Admins now have the ability to configure SSO on as a global setting through the Settings screen in the My Profile section. However, there are a few steps that you need to take in order to enable SSO.

Use the following steps to add SSO:

In the My Profile screen, select the Settings option.
In the Login Type field, select SSO.
In the next screen click Validate account.
In the pop-up window, select the account that is trying to enable SSO.
In the next pop-up window, click the Save Changes button.

Be aware that enabling SSO disables the ability to use the Bulk User Management feature.
Once the pop-up window closes, click the Save button.
After confirming the changes, the next time the user logs in through Microsoft account option on the login page, they are going to be prompted for a single sign-on. Once they click on the user in the list that appears, they will be logged into Nintex eSign without having to type in a password.