User Authentication

Overview

This page details the processes for new users, account renewal and account expiry.

New user

The new user process follows these steps:

1. New user is created by an Admin user, see page

2. Admin user clicks which sends an email like this one below to the new user. A weekly scheduled report showing the top 10 heavily loaded watches will arrive in the new user's inbox each Sunday. Find out more about

3. New user clicks the link in the email Set password and creates new password as shown below

4. New user logs in for the first time, accepts our and then sees the getting started pop-up dialog

Also opens when selecting Getting started from the user menu/side bar

1. An account created email like the one below is sent to the new user

Federated Authentication for new users

Highlight supports multi-factor authentication and single sign-on through a process called Federated Authentication where password authentication is handed off to a third-party OAuth directory (typically Microsoft Azure AD).

There is the option to automatically create a new user in Highlight if that user has not previously logged in but has passed the authentication checks by the third-party provider. This is useful as new staff joining an organisation will be able to log into Highlight with no other admin intervention.

Auto-created users have the standard permissions (which include viewing heat tiles and details page, creating alerts and running reports). Extra admin permissions can be granted by other admin users if required.

New user welcome process

When an Admin user clicks the first Welcome to Highlight email is sent (see above image). The link to Set password expires 45 days from the date of the first welcome email.

If the user has not logged in within 45 days, their account is deleted.

An Admin user clicking this restarts the new user welcome process or (if 45 days have passed) the user will need to be recreated

Account renewal

User accounts are set to expire after 3 months (for service providers) or 12 months (for customers). In order to renew a Highlight account, an existing user must confirm their email address. This can be initiated via the Home page or from an account renewal email which is automatically sent.

1. An existing user will see the message below on the Home page for 14 days before their account is due to expire. They will also receive an email at 14 days and at 2 days prior to expiry (see steps 3 & 4)

2. The user clicks and the Home page message changes as shown below

3. The user will receive an email like the one shown below

4. The user clicks the link in the email (Click here to renew your account) and the account is renewed

Account expiry

1. When an account expires, the user will automatically receive a system email (see steps 4 & 5)

2. If a user attempts to log in to an expired account, the user will see the message below

3. After clicking the Renew Account link, the login screen shows A renewal link email has been sent

4. The user will receive an email like the one shown below

5. Click the link in the email (Click here to renew your account ) and the account is renewed

6. If a user does not renew their account, Highlight will send the renewal email every 3 months, then an email at 11 months specifying the date the userid will be removed, and a final email 2 days before removal. Expired user accounts are automatically removed from Highlight after 12 months.

Forgotten password

Users can request their own password reset, if needed, as shown below:

• The user will receive an email like the one shown below