There are a myriad of available options for users to access their Award Force account. Whether you've opted for a standard experience or configured MFA or SAML, the steps outlined in this guide will assist with login.
Award Force standard login: first login
When a user creates an account, they enter their email address and the platform sends them a 6-digit security code (6DC). This code simply confirms that the email address is legitimate and allows the user to continue creating their profile. From this point forward, the 6DC is no longer necessary as the email address has been confirmed.
Award Force login: multi-factor authentication
All users have the ability to increase the security of their accounts by turning on and setting up multi-factor authentication (MFA). MFA, sometimes referred to as two factor authentication (2FA) is optional for all users unless the organisers of the program require it. If MFA has been correctly configured by the user, they will be prompted to add their MFA code when logging into Award Force. During sign in, users have the option for their browser to remember them for 30 days. If this checkbox is selected the user won't be prompted for the MFA code again for 30 days when using the same browser.
To learn more about MFA, see our dedicated guide: Multi-factor authentication.
Award Force login: Using SAML authentication
If an account sets up SAML, users can choose to log in using that SSO service; i.e. Okta. If used, the user clicks the Log in via SAML button from the home page (shown below) which takes the user through a series of steps to confirm their user profile exists in that service.
If that user does exist, they're automatically redirected back to Award Force and are logged in - user authentication is managed via the SSO service.
For users logging into Award Force via SAML for the first time or using a new device/browser, a 6DC is sent via email after successful SAML authentication. This 6DC is sent once but it is based on the user's browser or when the user has not returned to the Award account, using the same browser, for more than 30 days.
If the SSO service requires MFA to authenticate the user, that would be an additional step outside of the Award Force platform.
Award Force login: using SAML and multi-factor authentication
If an account is set up with SAML and the end user has turned on MFA for their user profile, the user will need to go through several steps to confirm their access when logging in from a new device/browser or after all cookies have expired (i.e. have not returned to the Award platform for more than 30 days). In this instance the user flow would be something like this:
- The user clicks the Log in via SAML button from the home page
- The user is redirected to the SAML service to be authenticated and is required to add their MFA code to confirm
- Once authenticated via SAML, the user is redirected back to Award Force but is prompted for another MFA code.
Important: this is not the same MFA code used to authenticate with the SAML service. This is a different MFA code as set up by the user from their profile page in the Award Force account, accessed via their Authentication app of choice. - Once the user adds the second MFA code to confirm their user profile they are then granted access to the Award Force platform.