Log in to the VIP Dashboard
Logins to the VIP Dashboard can be authenticated with a GitHub user account, a WordPress.com user account, or with an existing Single Sign-On (SSO) configuration. Once logged in, a user’s ability to access and interact with areas of the VIP Dashboard is defined by the Org role and App role that are assigned to the user.
Prerequisites
- A new user must receive an invitation to an organization’s VIP Dashboard.
- Only users with an Org admin role can invite new users to the VIP Dashboard.
Sign in with GitHub
Signing in with GitHub also requires VIP Cloud authentication.
To use a GitHub user account for authentication, it must be registered with the same email address to which the VIP Dashboard invitation was sent.
If a GitHub user account is selected for authentication the first time a user logs in to the VIP Dashboard, it must be the authentication method used for logging in each time afterward. The GitHub and WordPress.com authentication methods cannot be used interchangeably.
To sign in with a GitHub user account:
- Navigate to the VIP Dashboard.
- Select the button labeled “Sign in with GitHub“.
- If the user is not currently logged into their GitHub user account in that browser, they will be directed to a login prompt labeled “Sign in to GitHub to continue to VIP Cloud“.
- A user must be successfully logged in to GitHub in order to access the next step.
- In the next step titled “Verify Your Identity“, the user must retrieve the one-time passcode generated by the VIP Cloud authentication method that was chosen earlier. Enter the one-time passcode into the field labeled “Enter your one-time code“.
- Users can select the option for VIP Cloud authentication to “Remember this device for 30 days”.
- Select the “Continue” button.
Sign in with WordPress.com
Signing in with WordPress.com also requires VIP Cloud authentication.
To use a WordPress.com user account for authentication, it must be registered with the same email address to which the VIP Dashboard invitation was sent.
If a WordPress.com user account is selected for authentication the first time a user logs in, it must be the authentication method used for logging in each time afterward. The GitHub and WordPress.com authentication methods cannot be used interchangeably.
Note: A WordPress.com user account is separate and different than the user account created to log in to a WordPress site hosted on the VIP Platform.
To sign in with a WordPress.com user account:
- Navigate to the VIP Dashboard.
- Select the button labeled “Sign in with WordPress.com“.
- If the user is not currently logged into their WordPress.com user account in that browser, they will be directed to a login prompt labeled “Howdy! Log in to VIP Cloud with your WordPress.com account.”
- After successfully logging in to WordPress.com, the next screen will display the message “Howdy! Would you like to log in to VIP Cloud using your WordPress.com account?”
- Select the button labeled “Approve“.
- Retrieve the one-time passcode generated by the VIP Cloud authentication method that was chosen earlier.
- Enter the passcode into the field labeled “Enter your one-time code“.
- Users can select the option for VIP Cloud authentication to “Remember this device for 30 days”.
- Select the “Continue” button.
Note
It is not required to have two-factor authentication enabled for a GitHub or WordPress.com user account, but it is strongly encouraged. Enabling two-factor authentication for third-party user accounts whenever possible is one of many security recommendations for users.
Sign in with SSO
Single Sign-On (SSO) is an authentication method that allows a user to log in with credentials managed by an authentication service (e.g. Duo, Okta). This option is only available to users if Single Sign-On (SSO) has been configured for their organization.
Signing in with SSO does not require VIP Cloud authentication.
To log in with SSO, the user’s email address must already be added to the organization’s identity provider (IdP). If a user has questions about the SSO providers that are available to them, they should communicate with a member of their organization.
To use SSO as the method of authentication:
- Navigate to the VIP Dashboard.
- Select the “Sign in with SSO” button.
- Enter the email address associated with an SSO provider in the field labeled “Email“.
- Select the “Continue” button.
Users will be forwarded to the SSO provider’s authentication portal. If the user’s email address is associated with more than one SSO provider, the user must select one of those providers from a displayed list before being forwarded to that SSO provider’s authentication portal. - Complete the authentication process by entering the user’s login credentials with the SSO provider. Once authentication is complete, the user will be redirected back to their organization’s VIP Dashboard.
As long as Enforce SSO is not enabled by the organization, a user can choose not to continue signing in with SSO and instead select the “Start over” button to sign in with GitHub or WordPress.com authentication instead.
VIP Cloud authentication
VIP Cloud authentication allows users to log in to the VIP Dashboard securely, using their GitHub.com or WordPress.com user accounts as part of a multi-factor authentication login process. Requirements:
- A user must have a user account with either GitHub or WordPress.com.
- The user account must be registered with the same email address to which the VIP Dashboard invitation was sent.
- The type of user account selected for authentication the first time a user logs in (GitHub or WordPress.com) must be the same authentication method used for logging in each time afterward. The two methods cannot be used interchangeably.
Set up VIP Cloud authentication
The first time a user logs into the VIP Dashboard with either GitHub or WordPress.com, they will be prompted to complete the “Keep Your Account Safe” step by selecting a VIP Cloud authentication method:
- Google authenticator or similar: Scan the displayed QR code with an authenticator application (e.g., Authy or Google Authenticator) for one-time passcodes to be generated by that application.
- SMS: Select “SMS” for one-time passcodes to be sent to a user’s phone via SMS.
- Security Key: Select “Security Key” for one-time passcodes to be generated by a physical security key device (e.g. YubiKey).
Enter the one-time passcode generated by the chosen authentication method into the field labeled “Enter the one-time code“.
Last updated: November 15, 2023