Set Up Production Organization
What is a production organization?
An organization is a dedicated environment within the Atlar platform where one can centralize one's resources, team members, and third-party connections (e.g. banks, PSPs or ERPs), facilitating a structured and efficient way to utilize the platform's capabilities tailored to one's specific needs. You will only have a one organization for production and centralizing your “real” resources, team members and third party connections.
How to set up the production organization
Before creating your production organization, we recommend reading the Best practice section.
Follow these steps to set up your production organization:
- Navigate to app.atlar.com
- Click Create New Account
- Verify your email address and log in to the dashboard
- Select No Demo Data
- Set up Multi-Factor Authentication (MFA) — while not required, it is highly recommended. Read more in Multi-Factor Authentication (MFA)
- Click on your organization in the bottom left corner and go to My Account
- Click Enable Multi-Factor Authentication
- Sign in again
- Click Enable Multi-Factor Authentication once more and choose your preferred MFA method (security key or passkey)
- Set the key name and follow the instructions to set up the MFA
Your production organization and MFA is now set up.
Best practice
Owner account
Upon creating a new Atlar production organization, the email used will be given “Owner” status. By default, the owner can access the full functionality of the Atlar platform. The owner account will be used for setting up approval chains, roles, and users. To ensure the protection of Atlar credentials associated with the owner account, the following practices are recommended:
- The production organization should be set up with a non-personal email address, for example: [email protected]
- Do not share the login credentials with a wider team & consult your IT/security department to ensure you follow internal best practices for managing passwords
- Make sure that the email address can only be accessed by the intended owner(s) since the email account itself can be used to take over the account via the forgot password feature (especially if MFA is turned off!)
- Enable Multi-Factor Authentication (MFA) and at least one backup MFA option
- Do not use this account for day-to-day operations, such as checking the account balance Following the above bullets ensure that login credentials to the owner account remain protected. If the person with access to the owner account leaves the company or changes positions, you can easily rotate access as it’s tied to a non-personal email.
Beware of phishing attacks
Atlar support will never ask for your password or programmatic access credentials. Don’t click on links in emails that seem to come from Atlar, unless you were expecting such an email (e.g. when signing up, clicking “forgot password”, being invited to Atlar by a colleague, etc.). Someone could try to imitate legitimate emails coming from Atlar and lead you to a malicious site.
Four-Eyes Approvals
Four-eyes approval is a safety measure used to ensure important changes are checked by two people before they are carried out. During the implementation and until fully live, the four-eyes approval is not required since the organization is still establishing the correct setup. However, once the organization is fully live and starts inviting more users, the best practice is to enable four-eyes approvals. This ensures two users approve changes to sensitive operations, such as user management and payment approval chains. However, note that the actual approval of a payment is not approved using ‘Four-eyes approvals’. Read more in the [Four-Eyes Approval](doc:Four-Eyes Approvals) doc.
Updated about 2 months ago