(2) Join Tehama for End-users
This is the second of the four onboarding steps for Tehama end-users.
This step logs you in to your corporate Tehama Portal for the first time, setting up your login credentials and your user profile details.
Your employer will have chosen which method you will use to log in. Determine which method you need to follow based on the type of link in your welcome email, and your own options.
Open up your "You have been invited to the Tehama organization ..." email. Click on the link provided in the email to start the process of joining Tehama. (Be sure to open the link in a browser supported by Tehama. See Check System Requirements for End-user.)
You will be prompted along through the process.
Read through the options below, and follow the instructions for the option that is right for you:
- If your "You have been invited ..." email contains:
- a link inviting you to log in to Tehama through your Identity Provider account, or
- a link inviting you to create an Identity Provider account
Then go to Set up Corporate (SSO) Authentication. This type of login uses your corporate login to access Tehama through Single-Sign On (SSO). - If your "You have been invited ..." email contains:
- a let's get started link, for Staff members, or
- an Accept invitation link, for Org Manager and Room Manager members
Then choose one of the following two options:
Note: Once selected, this choice is permanent. You will not be able to switch from one to the other.
- Set up Tehama Credentials with Multi-Factor Authentication if you want to authenticate using Tehama's native authentication service, which consists of Tehama credentials and Multi-Factor Authentication (MFA).
- Set up Google Credential Authentication if you want to use your Google account credentials to authenticate with Tehama.
Set up Corporate (SSO) Authentication
Follow these instructions if your "You have been invited to join the Tehama organization ..." email contains a link inviting you to log in to Tehama through your Identity Provider account (or a link inviting you to create an Identity provider account).
Before inviting you to join Tehama, your employer configured Tehama to authenticate all its users using Single Sign-On (SSO) authentication. This allows you to sign in to Tehama through your company's Identity Provider, for example, Okta or Salesforce, with your corporate login.
You will set up your Tehama access through your corporate Identity account, and you will always log in to Tehama through that account. Your Tehama profile details will be filled with data from your Identity provider account.
Steps to set up Corporate SSO Authentication:
- Click on the link in your "You have been invited ..." email. (Be sure to open the link in a browser supported by Tehama. See Check System Requirements for End-users.)
- If you already have an account set up in your identity provider, and you are currently logged in to that account:
- you will be connected directly to your corporate Tehama Portal.
- you will be connected directly to your corporate Tehama Portal.
- If you already have an account set up in your identity provider, and you are NOT currently logged in to that account:
- you will see the login mechanism provided by your identity provider. Log in as you normally would. You will then be connected directly to your corporate Tehama Portal.
- you will see the login mechanism provided by your identity provider. Log in as you normally would. You will then be connected directly to your corporate Tehama Portal.
- If you do not have an account set up in your identity provider:
- your identity provider will prompt you to create an account and sign in to it. You will then be connected directly to your corporate Tehama Portal.
- your identity provider will prompt you to create an account and sign in to it. You will then be connected directly to your corporate Tehama Portal.
- If you already have an account set up in your identity provider, and you are currently logged in to that account:
- Confirm that you are directed to the appropriate landing page for your Tehama role. Staff members will land on the DESKTOPS page and Managers and Admin users will land on the ROOMS page. Most end-users are Staff members.
- Confirm that your Tehama Profile has been filled with data from your Identity provider account. Edit and save this information as you wish, either here (if allowed - in which case the information will be propagated back to your identity provider) or in your Identity provider, which will propagate the information to Tehama.
- Open the User menu at the bottom left.
- Select Profile.
- Select the sidebar item PROFILE.
If at some future time, SSO Authentication is disabled by your employer, you will be prompted to set up one of the non-SSO authentication options.
Set up Tehama Credentials with Multi-Factor Authentication
Follow these instructions if your "You have been invited to join the Tehama organization ..." email contains a let's get started! link, and you want to authenticate using Tehama's native authentication service, which consists of Tehama credentials with Multi-Factor Authentication (MFA).
Note: Once selected, this choice is permanent. You will not be able to switch to Google Credential Authentication.
- Click on the link in your "You have been invited ..." email. (Be sure to open the link in a browser supported by Tehama. See Check System Requirements for End-users for a list of supported browsers.) You will see the JOIN TEHAMA dialog in your corporate Tehama Portal.
- Enter info (name, password and password confirmation) into JOIN TEHAMA dialog.
- Click on REGISTER. A page with sample download links for the Google Authenticator will appear.
- Note that Tehama's password policy is enforced as follows:
-
- 90-day forced expiration.
- Minimum of 12 characters.
- Maximum of 32 characters.
- At least one numerical.
- At least one upper case.
- At least one lower case.
- And at least one special character
- special characters include: !@#$%^&-=_+;':",./?<>{}[]()|).
-
4. Download the Google Authenticator App1 on your secondary device (a mobile phone/tablet etc.). (See Check System Requirements for End-users for the requirements for secondary devices.)
5. Click NEXT. A page with a QR code will appear.
6. Scan the QR code on the page into a new entry in the Google Authenticator app on your secondary device.
7. Click NEXT. The LOG IN dialog will appear.
8. Enter your email and password, and the current MFA code for this user from the Google Authenticator app.
9. Click on LOGIN. Observe that you are directed to the appropriate landing page for your Tehama role. Staff members will land on the DESKTOPS page and Room Manager members will land on the ROOMS page. Org Manager users will land on their Tehama Profile page. Most end-users are Staff members.
10. OPTIONAL: Check out your Tehama Profile. It should be partially filled out with your name and email. Edit your profile as you wish.
-
- Open the User menu at the bottom left.
- Select Profile.
- Select the sidebar item PROFILE.
1. Full instructions on downloading and installing Google Authenticator can be found by visiting:
https://support.google.com/accounts/answer/1066447?hl=en
BlackBerry OS devices: Google Authenticator for BBOS 4 – BBOS 7 devices are also available. ↩
Set up Google credential authentication
Follow these instructions if your "You have been invited to join the Tehama organization ..." email contains a let's get started! link, and you want to use Google Credential authentication to authenticate with Tehama.
To use this type of authentication, your Google account must be for the same email-address that your invite email was sent to.
Note: Once selected, this choice is permanent. You will not be able to switch to Tehama credentials with Multi-Factor Authentication.
- Click on the link in your "You have been invited ..." email. (Be sure to open the link in a browser supported by Tehama. See Check System Requirements for End-users.)
You will see the JOIN TEHAMA dialog. - Click on Sign Up with Google.
- If you already have an account set up in Google, for the email-address your invite email was sent to, and:
- you are currently logged in to that account:
- you will see the LOG IN TO <org name> dialog.
- Click on Sign in with Google. You will then be connected directly to your corporate Tehama Portal.
- Click on Sign in with Google. You will then be connected directly to your corporate Tehama Portal.
- you will see the LOG IN TO <org name> dialog.
- you are NOT currently logged in to that account:
- you will see the Google login mechanism.
- Log in as you normally would. You will then see the LOG IN TO <org name> dialog.
- Click on Sign in with Google. You will then be connected directly to your corporate Tehama Portal.
- you will see the Google login mechanism.
- you are currently logged in to that account:
- If you do not have an account set up in Google:
- you will see the Google login mechanism.
- Click on Create account and follow through the steps to create a Google account. You will then see the LOG IN TO <org name> dialog.
- Click on Sign in with Google. You will then be connected directly to your corporate Tehama Portal.
- you will see the Google login mechanism.
- If you already have an account set up in Google, for the email-address your invite email was sent to, and:
- Observe that you are directed to the appropriate landing page for your Tehama role. Staff members will land on the DESKTOPS page and the Manager role members, Org Manager and Room Manager, will land on the ROOMS page. Most end-users are Staff members.
- OPTIONAL: Checkout your Tehama Profile. It will be partially filled with data from your Google account (at least your name and email). Edit and save this information here as you wish. (Changes will not be reflected in your Google account.)
- Open the User menu at the bottom left.
- Select Profile.
- Select the sidebar item PROFILE.
Your next login
You have set up your Tehama authentication and logged off from your corporate Tehama Portal.
How do you log in again?
If your organization is using Corporate SSO Authentication, you can look for the Tehama Application in your Identity Provider's interface. Click on that application to log back in to your corporate Tehama Portal.
For any of the authentication types, including Corporate SSO, you can log back in to your corporate Tehama Portal from the following URL:
- https://<your-tehama-org-subdomain>.tehama.io/login,
where "your-tehama-org-subdomain" is the subdomain of your Tehama organization.
Can't remember your Tehama organization subdomain?- Go to https://app.tehama.io/ and click on Can't remember your Organization's URL?
- Enter your email and click on SUBMIT. Your organization's login URL will be emailed to you. The subdomain is the part of the URL before "tehama.io".
See Login instructions in the Authentication User Guide for more details.
Have you successfully joined/registered with Tehama? You are ready to move on to the next step:
Troubleshooting
You can find troubleshooting tips for the end-user onboarding process here: