Table of Contents
- Creating a Principles Account
- Setting up Single Sign On (SSO)
- Troubleshooting FAQs Article
To set up your team, you will first need to sign up for a Principles account. Once you have completed the sign-up process, you will have the opportunity to invite your team members. You will also have the opportunity to optionally configure single sign-on (SSO).
This article covers:
- Creating a Principles account
- Setting up SSO
- Troubleshooting FAQs
Creating a Principles Account
1. Create Your Account
You can begin setting up your Principles account by navigating to https://my.principles.com/app/auth/signup. Here you will be prompted to enter your email, a password, and your full name.
You will not be able to create multiple accounts using the same email address at this time. If you’re looking to set up multiple accounts (for groups within the same organization, as an example) using the same, corporate email account - simply append a plus (“+”) sign after your email address and after that, you can insert any combination of words or numbers to create any number of personalized email IDs with the same inbox. For example, if your email is firstname.lastname@example.org, you would be able to use email@example.com. Keep in mind that this will work with some, but not all, email providers. If you encounter issues, please contact us at firstname.lastname@example.org.
2. Confirm Your Email Address
Once you click sign up, you will be asked to confirm your email address. This email will come from email@example.com. If you do not receive an email, check your spam folder or select ‘Resend email.’ It is also possible that your group or organization uses a third party spam filter, in which case, you should reach out to your IT administrator to ensure firstname.lastname@example.org is whitelisted. If you are still having trouble, contact us at email@example.com.
3. Sign-in to Your Account
Once you have successfully confirmed your email address, you will be prompted to sign-in to your newly created account. If you have forgotten your password, simply click ‘Forgot your password?’ at the bottom of the page.
4. Give Your Team a Name
Once you have successfully signed in to your account, you will be prompted to give your team, or organization, a name. If you’re setting up the Principles Tools for your company, we recommend using your company’s name. If you’re setting up the Principles Tools for a team or group within your company, choose something that others on your team will recognize. Keep in mind that you will be able to change this, if needed.
5. Select a Product Plan
Select which product plan you would like to purchase and click ‘Next.’
6. Select a Number of Users & Enter Your Billing Information
Enter a number of users, or seats, you’d like to purchase. Keep in mind that you can always add additional users later. You will also be asked to enter your billing information (country, address, city, state, and postal code), for tax purposes.
7. Finalize Your Purchase
After you have chosen a number of users and entered your billing information, you will be directed to the checkout page. Here you will be able to review the cost details for your purchase. To complete your purchase, you will be asked to enter the following information:
- Your Email
- Credit Card Information (Name on card, Number, Expiration, and CVC)
- Billing Country and Zip Code
If applicable, you will also have the option to enter a promotion code by clicking ‘Add promotion code.’ If you’re having difficulty with a promotion code, please see our Troubleshooting FAQs below.
8. Invite Your Team Members
Once you’ve completed your purchase, you will be prompted to invite your team members. Simply select ‘Invite’ from the top of the page, and begin inviting members of your team. You can invite people individually or in bulk. Once invited, they will receive an email prompting them to set up their account and create a new password.
You may want to let your team know that the invitations expire in 24 hours. If one of your team members doesn’t get to it in 24 hours, you can always reset their password from the ‘Manage Users’ tab.
For more information on managing users, see HERE.
Setting up Single Sign On (SSO)
If your company uses an identity provider (such as Active Directory, Azure AD, LastPass, Okta, OneLogin, SecureAuth, Entrust Identity, etc.) you can optionally configure it with the Principles Tools. This will need to be done by an Administrator of your Enterprise organization.
1. Navigate to the SSO Tab
To get started, navigate to the Administration tab of the application and select SSO.
2. Set Your Session Settings
First, you will be prompted to provide a Login Subdomain and Refresh Token Expiration.
- Login Subdomain - This is the URL your organization will use to access the Principles Tools. We recommend that this be similar, or the same as, your team or organization name. If you don’t remember the name of your team or organization, you can find it in the Settings tab of Administration.
- Refresh Token Expiration - This is how long users will stay logged in before they are logged out and required to log in again. This is set to 30 days by default.
3. Select Your Authentication Protocol
Select between one of the following authentication protocols:
- Security Access Markup Language (SAML)
- OpenID Connect (OIDC)
4. Configure Your Identity Provider (IdP)
Once you have selected SAML or OIDC, you will need to enter a set of information (i.e., your Provider Settings) in order to configure the Principles Tools with your preferred identity provider. All required fields can be found in the Administration console / dashboard for your identity provider. If you’re not sure where to find any of the required fields, please contact support for your particular identity provider.
Your identity provider may also need the following field(s) while setting up the connection:
Audience URI: urn:amazon:cognito:sp:us-east-1_LNfGXNssl
Sign-in redirect URI: https://principles-prd-primary.auth.us-east-1.amazoncognito.com/oauth2/idpresponse
5. Provide Field Mapping Information for Users
After you’ve completed the required fields, you will be asked to provide a set of field names from your identity provider. These are fields that contain user-related information that will get pushed to Principles Tools. The field names (also called mappings) can be found in the Administration console / dashboard for your identity provider. If you’re not sure where to find these fields, please contact support for your particular identity provider.
- Field Name for User’s Name - This should be the field name for a user’s display name.
- Field Name for Unique Identifier - This should be the field name for a user's unique ID.
- Field Name for Email - This should be the field name for a user’s email address. This is the email they will use to sign in with.
Once set up properly, anyone who belongs to your company or group’s organization will be required to log in to their Principles account using your preferred identity provider. They can do this by going to the login subdomain you have chosen in step 1 above.
For more information on managing users, see HERE.