User authentication

With SSO authentication, your system authenticates admins and applicants using their existing SSO credentials. 

In this transaction, your organization is the IdP (Identity Provider) that validates credentials and then provides a UID to your system.

Your system then uses this UID as a lookup key to determine which user is logging in and what permissions they have.

If a user cannot access your system, it means that it hasn't received the correct UID from your campus. Typically, this occurs when your organization's identity management hasn't validated the credentials. For more information, see Troubleshooting Sign-in Issues.

If your user doesn't currently have an account, your system will create one for them.

The default role in the system is that of an applicant. For a new user to have administrative privileges, an existing administrator can assign additional privileges to the user.

Though it isn't recommended, you can use Allow List Local authentication to grant access without integrating into a broader authentication system.

Applicants can only sign up or sign into their accounts if their email address is included in your current data import file. If a user's record isn't in the file, they can't access your system.

Note: Admins, reviewers, and reference aren't affected by your import file. To give access to one of these users, create an account as an admin.

For guidance on common sign-in issues, see Troubleshooting Sign-in Issues.