🎯 Purpose of this article
This guide helps you understand and the most suitable login and account creation methods for your teams. It is intended for administrators in charge of rolling out the platform within their company.
✅ Prerequisites
Administrator access to the platform
Coordination with your internal IT team (for SSO)
1️⃣ Available login methods
There are two main ways users can log in to the platform :
Login via SSO (Single Sign-On)
Login via SSO (Single Sign-On)
Why?
Allows employees to access the platform using their existing professional credentials — no need to create a new password.
How?
Set up jointly between your company’s IT team and the Komeet team.
Prerequisites
Users must already have access to your company’s SSO.
Login via email and password
Login via email and password
Why?
A simple, secure login using an email address and a password.
How?
Komeet provides a dedicated login page for your users.
Prerequisites
You’ll need to decide in advance how user accounts will be created.
Two-Factor Authentication (MFA) by Email
Two-Factor Authentication (MFA) by Email
Two-factor authentication (MFA) adds an extra layer of security when logging into Komeet. When enabled, a single-use numeric code is sent by email after entering your credentials.
MFA is triggered only if:
✅ The MFA parameter is enabled for your company
✅ The login is done via email + password
MFA does not apply to:
❌ SSO (Single Sign-On) connections
❌ Companies without MFA enabled
Login Flow with MFA
Entering Credentials
When a team member logs in with email + password:
MFA not enabled → Direct login
MFA enabled → Code validation step
SSO login → Direct login (even if MFA is enabled)
2. Receiving and Validating the Code
A 6-digit code is automatically sent to the login email address
The user must enter this code within 10 minutes
Navigation is blocked until the code is validated
⚠️ Important
Only one code remains active at a time. Requesting a new code automatically invalidates the previous one.
Rules and limits
Parameter | Value |
Code validity | 10 minutes |
Allowed attempts | 5 every 2 minutes |
Active codes simultaneously | 1 only |
💡 Good to know
MFA strengthens security by preventing unauthorized access, even if the password is compromised
Team members must have access to their professional email inbox to log in
If the code is not received, check spam/junk mail folders
SSO connections already benefit from integrated enhanced security
To enable this feature for your company, contact your Komeet representative
How to choose the right login method
How to choose the right login method
If your company uses a multi-entity network
If a routing key is provided via SSO, users will automatically be placed in the correct entity
If not, users will choose their entity manually during first login
If they change entities later, an admin must update this manually
Your situation... | Recommended setup |
My company offers SSO and everyone has access to it | Use SSO login only |
My company offers SSO but not for everyone | Use email/password login, or combine SSO + login (less optimal for UX) |
My company does not use SSO | Use email/password login |
2️⃣ Account creation methods
There are two approaches to creating user accounts :
Pre-creating accounts before first login
Pre-creating accounts before first login
You create accounts before users connect to the platform:
Bulk account import
You send Komeet an Excel file (template provided) at regular intervals
You can choose whether or not to send an automatic welcome email
With each new file:
New users are created
Inactive users are deactivated
API-based creation
Your internal systems are connected to Komeet via API
You control when accounts are created or deactivated
👉 Technical documentation is available on request
Accounts created at first login
Accounts created at first login
Accounts are automatically created when users log in for the first time, based on the login method:
SSO
Transparent connection using professional credentials
User data is automatically pulled from your SSO
A routing key is needed in multi-entity setups
Standard registration form
Users fill in their name and email address
If they use a professional email, the account is automatically validated
If they use a personal email:
You can block it (error message shown)
Or allow it, with manual validation required by an admin
🤔 How to choose the right account creation method
Situation | Recommended setup |
I’m using SSO and all reporting data is covered | Let users create their accounts at first login |
I’m using SSO, but need additional data for reporting | Use bulk import with extra fields (including routing key if needed) |
I’m using email/password login and all users have a pro email | Let users create their account at first login |
Users may use personal emails, but I want to block them | Same method — but users with personal emails will receive an error message |
I want to allow personal emails with manual review | Same method — personal emails are allowed but must be validated by an admin |