Squidex Security

Hello All,
Hope your having a good day!
I have a few questions regarding account security on squidex which I am using on docker :

  1. Can we enforce security policies when creating a user?
  2. Can I have a 2FA?
  3. Can I manage plugins for my application?


When you invite a user to an app you can assign roles and roles have permissions. There is basically a permission for every possible action.

Yes and no. If you configure with an external authentication provider like Azure. Then you can enforce it.

Not like in wordpress because you want to have a docker container anyway. Therefore you have to clone the project and add the plugins via code. There are examples directly in the repository.

for the security policies, is there other policies than the users permissions? password policy for example

Yes. Squidex uses the normal AspNetCore password policy: https://github.com/dotnet/aspnetcore/blob/main/src/Identity/Extensions.Core/src/PasswordOptions.cs

If you want to have full control and enable 2FA and so on, I recommend to use an external authentication solution such as Auth0