SARAH
DocumentationAPI Reference

Authentication and Access

Learn how authentication works in Sarah and how to keep your account secure.

Last updated: 2025-01-26

Authentication is the process of verifying your identity before allowing you to access Sarah. This guide explains how it works and how to keep your account secure.

Log In

Login Process

  1. Go to Sarah URL: https://sarah.ar or your custom domain
  2. Enter your email: Email associated with your account
  3. Enter your password: Your password
  4. Click "Log In": System verifies your credentials
  5. Access granted: If credentials are correct, you access the system

Password Requirements

To maintain security, passwords must meet:

  • Minimum length: Generally 8 characters (recommended: 12+)
  • Complexity: Mix of uppercase, lowercase, numbers, and symbols
  • Don't reuse: Don't use passwords from other accounts
  • Unique: Each user must have their own password

Password Management

Change Password

To change your password:

  1. Log in to Sarah
  2. Go to your profile or account settings
  3. Look for "Change Password" or similar
  4. Enter current password
  5. Enter new password (twice to confirm)
  6. Save changes

Recommendation: Change your password periodically (every 3-6 months).

Recover Password

If you forgot your password:

  1. Go to login page
  2. Click "Forgot your password?" or similar
  3. Enter your email
  4. You'll receive an email with reset instructions
  5. Follow instructions in email
  6. Create a new password

Note: Recovery link has limited validity time.

Session Security

Session Duration

Sessions in Sarah:

  • Have expiration time: After a period of inactivity, session closes
  • Require re-authentication: For sensitive operations
  • Can be closed manually: You can log out when you want

Log Out

To log out:

  1. Click your profile or user menu
  2. Select "Log Out"
  3. Confirm if requested

Important: Always log out when using shared computers.

Multiple Devices

You can log in from multiple devices:

  • Computer: For administrative work
  • Tablet: For mobile POS
  • Phone: For quick queries

Note: Each device maintains its own session.

Two-Factor Authentication (2FA)

What is 2FA?

Two-factor authentication adds an additional security layer:

  1. Something you know: Your password
  2. Something you have: A code from your phone or app

Configure 2FA

If 2FA is available:

  1. Go to security settings
  2. Enable 2FA
  3. Scan QR code with your authentication app
  4. Enter code to confirm
  5. Save configuration

Recommended apps:

  • Google Authenticator
  • Authy
  • Microsoft Authenticator

Use 2FA

When 2FA is enabled:

  1. Log in with email and password
  2. 2FA code requested: Open your authentication app
  3. Enter code: Enter 6-digit code
  4. Access granted: If code is correct, you access

Best Practices

Secure Passwords

  • Use unique passwords: Don't reuse passwords
  • Adequate length: Minimum 12 characters
  • Complexity: Mix of uppercase, lowercase, numbers, and symbols
  • Don't share: Never share your password
  • Change regularly: Change passwords every 3-6 months

Session Management

  • Log out: Always log out on shared computers
  • Don't save passwords: Don't save passwords in shared browsers
  • Use incognito mode: If necessary, use incognito mode on shared computers
  • Monitor sessions: Regularly review active sessions

Two-Factor Authentication

  • Enable 2FA: If available, enable it
  • Protect your device: Secure your phone or 2FA device
  • Backup codes: Save backup codes in a safe place
  • Don't share codes: Never share 2FA codes

Common Problems

Cannot Log In

Possible causes:

  • Incorrect password
  • Incorrect email
  • Disabled account
  • Temporary problem

Solution:

  1. Verify email is correct
  2. Try to recover password
  3. Contact support if it persists

Forgot Password

Solution:

  1. Use "Forgot your password?" function
  2. Check your email (also spam)
  3. Follow email instructions
  4. Create a new password

Don't Receive Recovery Email

Possible causes:

  • Incorrect email
  • Email in spam
  • Delay in sending

Solution:

  1. Verify email is correct
  2. Check spam folder
  3. Wait a few minutes
  4. Contact support if it persists

Session Closes Constantly

Possible causes:

  • Inactivity time
  • Multiple sessions
  • Cookie problem

Solution:

  1. Ensure you're active
  2. Close other sessions
  3. Clear browser cookies
  4. Contact support if it persists

Additional Security

Suspicious Activity Detection

Sarah can detect:

  • Logins from new locations
  • Multiple failed attempts
  • Unusual activities

If something suspicious is detected:

  • Additional verification may be required
  • Email notification may be sent
  • Access may be temporarily blocked

Report Problems

If you suspect your account was compromised:

  1. Change your password immediately
  2. Close all active sessions
  3. Review recent activities
  4. Contact support immediately

Next Steps