# Accessing the Workspace Portal
The workspace portal is a web browser interface for users. Users can use this portal as an alternative to FTP and SFTP clients to view and modify the files they have access to. The workspace portal can also be used by users to configure their passwords, SSH keys, and multi-factor authentication configuration.
File transfers from the workspace portal are uploaded directly to the cloud object storage service using signed URLs. To pass file transfers through the application server see workspace_proxy_transfers
# Enabling the Workspace Portal
The workspace portal is disabled by default. To enable it, you must add the
workspace_port setting in the application configuration file.
It is is possible to have to the workspace portal, and the management portal on the same port, but for additional security, it is recommended to configure the management portal to use a different port with more restricted network security rules. The port number for the management portal is configured using the
The example below shows the recommended configuration of using a non-standard port for the management portal when the workspace portal is enabled.
When opening ports on an Azure Windows VM, you must modify the Windows firewall and the VM network security rules.
Once the workspace portal has been activated, it can be accessed by users at
https://<SERVER_HOSTNAME>:<WORKSPACE_PORT>/workspace/. If the port is 443 the port number can be omitted, for example a regular url would be
Before your users can upload and download files from the workspace, you must enable CORS on all buckets or storage accounts being used. This configuration is explained in detail in the next section.
If the workspace portal is made available on a public address, it is strongly recommended to enable password rules and IP banning on excessive failed login attempts. See Intrusion Prevention for more information.