Organization Settings

Article author
Josh L
  • Updated

Settings that apply to the entire organization can be changed from the Settings page. Each setting on this page is described below.

Single Sign On

DNSFilter allows organization administrators to configure Single-Sign-On for all users within that organization. This is done by setting up an Identity provider like Azure Active Directory and Okta that supports the Generic OpenID Connect (OIDC) authentication process.


This way, users can use the same credentials they use on platforms that support these authentication providers to also log into DNSFilter.

Learn more about Single Sign-On and learn how to configure it.

Two-Factor Authentication

With Two-factor authentication, you can further protect your users by requesting a One-Time Token (OTP) before they are eventually granted access to their account after email/password authentication. This setting can be turned on for all users within your organization as shown below:


Learn more about setting up Two-Factor authentication here.

Limit PII (GDPR)

The Limit PII Collected (GDPR) option will reduce the amount of data we collect to comply with the EU General Data Protection Regulation. Enabling this option disables the collection of some Roaming Client fields, which may contain PII, enabling an organization to meet certain GDPR requirements.




  • Enabling this feature will redact and prevent collection of machine name and username data from all roaming clients within the selected organization. This removes all personally identifiable information from your DNS queries.

  • Enabling the GDPR Compliant option does not automatically grant your organization GDPR compliance - that is determined only by your own legal counsel and your requirements.

  • Yes. If after enabling this option, you decide to disable it again, you must wait for each Roaming Client to check in with the DNSFilter Dashboard before Client Name and Username data is available again.

GDPR Feature Troubleshooting

If the Limit PII Collected (GDPR) option was enabled before entering a Friendly Name for each Roaming Client, it might be difficult to differentiate between devices within the DNSFilter Dashboard. To identify Roaming Clients after the data has been redacted, compare the ID of the Roaming Client within the DNSFilter Dashboard with the Client ID of the device. You may obtain the Client ID of the device using multiple methods:

  • From a command line or terminal window, run this command, which will return the client_id of the Roaming Client: nslookup -type=txt

  • On a Windows OS device check the Registry: HKEY_LOCAL_MACHINE\SOFTWARE\DNSAgent\Agent\ClientId

  • On a MacOS device, check the following file: cat /Library/Application\ Support/DNSFilter\ Agent/daemon.reg If you are using the white labeled Roaming Client, the path will change slightly: cat /Library/Application\ Support/DNS\ Agent/daemon.reg

Was this article helpful?

1 out of 1 found this helpful

Have more questions? Submit a request



Please sign in to leave a comment.