User Authentication

Overview

This page details the processes for new users, account renewal and account expiry.

New user

The new user process follows these steps:

1. New user is created by an Admin user, see create user page

2. Admin user clicks Save & Welcome which sends an email to the new user. Also, a weekly scheduled report showing the top 10 heavily loaded watches will arrive in the new user's inbox each Sunday. Find out more about scheduled reports

3. New user clicks the Set password link in the email and creates new password

4. New user logs in for the first time, accepts our terms and conditions and sees the Let's get started dialog

1. An Account created email is sent to the new user

Federated Authentication for new users

Highlight supports multi-factor authentication and single sign-on through a process called Federated Authentication where password authentication is handed off to a third-party OAuth directory (typically Microsoft Azure AD).

There is the option to automatically create a new user in Highlight if that user has not previously logged in but has passed the authentication checks by the third-party provider. This is useful as new staff joining an organisation will be able to log into Highlight with no other admin intervention.

Auto-created users have the standard permissions (which include viewing heat tiles and details page, creating alerts and running reports). Extra admin permissions can be granted by other admin users if required.

Find out more about how admin users can set up authentication and contact us for assistance in setting up this feature.

New user welcome process

When an Admin user clicks Save & Welcome the first Welcome to Highlight email is sent. The link to Set password expires 45 days from the date of the first welcome email.

If the user has not logged in within 45 days, their account is deleted.

An Admin user clicking Save & Welcome restarts the new user welcome process or (if 45 days have passed) the user will need to be recreated

Account renewal

User accounts are set to expire after 3 months (for service providers) or 12 months (for customers). In order to renew a Highlight account, an existing user must confirm their email address. This can be initiated via the Home page or from an account renewal email which is automatically sent.

1. An existing user will see a message on the Home page for 14 days before their account is due to expire. They will also receive an email at 14 days and at 2 days prior to expiry (see steps 3 & 4)

2. The user clicks Send renewal email and the Home page message changes

3. The user will receive an email

4. The user clicks the link in the email (Click here to renew your account) and the account is renewed

Account expiry

1. When an account expires, the user will automatically receive a system email (see steps 4 & 5)

2. If a user attempts to log in to an expired account, the user will see a message

3. After clicking the Renew Account link, the login screen shows A renewal link email has been sent

4. The user will receive an email

5. Click the link in the email (Click here to renew your account ) and the account is renewed

6. If a user does not renew their account, Highlight will send the renewal email every 3 months, then an email at 11 months specifying the date the userid will be removed, and a final email 2 days before removal. Expired user accounts are automatically removed from Highlight after 12 months.

Forgotten password

Users can request their own password reset, if needed:

• The user will receive an email