Authifi Service - Security Documentation¶

Overview¶

This directory contains security documentation for the Authifi service, including guidance for securely configuring and operating administrative accounts in accordance with FedRAMP Recommended Secure Configuration requirements.

Security Admin Guide¶

Document: Security Admin Guide

The Security Admin Guide provides comprehensive guidance for setting up, configuring, operating, and decommissioning administrative accounts within the Authifi service.

Administrative Account Types Covered¶

Account Type	Description
Super Administrators	Top-level administrative accounts with platform-wide control
Tenant Administrators	Privileged accounts with full control within a single tenant
Delegated Admins	Users with specific elevated permissions for particular resources

Key Topics¶

Administrative account role definitions (permissions, actions, operations)
Account lifecycle procedures (setup, MFA requirements, configuration, decommissioning)
Security settings reference tables with recommended values
FedRAMP compliance mapping

Recommended Secure Configuration¶

Document: Recommended Secure Configuration

Detailed security configuration guidance covering:

Authentication and session management settings
Identity provider security configuration
Role-based access control (RBAC) settings
Data protection and encryption
Monitoring and audit configuration
Security best practices
Compliance checklists

Quick Reference¶

For Super Administrators¶

For Tenant Administrators¶

For Delegated Admins¶

Tenant Administrator Guide - UI-focused tenant settings guide
Super Admin Access Requirements - Complete list of super-admin-only operations
Admin Roles Overview - Technical role implementation details

Classification: Public
Last Updated: 2026-01-22