Enable Two-Step Authentication

This topic refers to functionality that is not available to accounts on the Quick Base Essential plan. If the functionality described here does not match what you're seeing in Quick Base, your account is probably on this plan.

With two-step authentication, a user signing in to Quick Base must provide two means of identification from separate categories of credentials: username/password combination and a security code provided via email. When this option is enabled, if the user enters a valid username and password, they are then prompted to enter their security code.

This topic describes how to:

Enable two-step authentication

Your account configuration (whether or not your account is part of a realm) determines how you enable two-step authentication.

If your account is part of a realm:

For an account that is part of a realm, if an admin wants to enable two-step authentication and opens the Summary tab of the Manage Account Billing page, they are directed to require two-step authorization on the realm Policies tab.

Enable two-step authentication from the Policies tab:
  1. On the My Apps page, click Manage name_of_realm then click the Policies tab.

  2. Select Require 2-step authentication.

  3. Click Save.

For more details about setting a realm password policy, click here.

Users with an account not part of a realm:
  1. On the My Apps page, click Manage name_of_realm.

  2. Click the Summary tab.

  3. Click Edit Account Properties.

  4. Select Require 2-Step Authentication.

Sign in with two-step authentication enabled

When you sign in to Quick Base with two-step authentication enabled, Quick Base prompts you to enter the verification code that was sent to your email.

  1. Sign in to Quick Base and the following dialog displays:

  2. 2 step sign in

  3. Enter the code you received via email. This is a six-digit alphanumeric code, e.g.:Y7X4QN

  4. Check Remember this device for 30 days and you'll be able to sign-in without entering a code for 30 days.

Verification codes are good for 10 minutes. To request another email with a new code, click the I didn't get an email link.

Note: With two-step authentication enabled, users already signed in won't be prompted to enter a code until their authentication ticket has expired.

Use Quick Base connected tables or API integrations

You can use Quick Base connected tables with two-step authentication by enabling user token authentication. To make a connection to a Quick Base app that uses two-step authentication, add a user token for the source app and then use that user token to make the connection. For more on user tokens and connected tables, click Connecting to another Quick Base app.

Any API integrations must authenticate using user tokens and not standard Quick Base API_Authenticate. If you are using API_Authenticate, the integration will fail.

Troubleshoot verification code error messages

Verification codes are good for 10 minutes. If you enter an expired code, you'll return to the sign in page and see this message:

If you did NOT enter the code but it has nevertheless expired, you'll see this message:

If you enter an incorrect code, you'll see this message:

If you enter an incorrect code more than 3 times, you'll see this message: