Smart Sign-in Using OneAuth | Sign-in - Zoho Accounts

Smart Sign-in using OneAuth

Smart Sign-in is a secure and seamless way to sign in to your Zoho account by scanning a QR code using Zoho's Authenticator app, OneAuth. You need not type in your username or password manually.

Prerequisites

  1. You need OneAuth installed on your mobile or windows device and be signed in with your Zoho account.
    If you haven’t installed OneAuth yet, use this link: Install OneAuth (Android | iOS | macOS | Windows) 

Platform-Specific Behavior

Android:
  1. v3.8.1 and above: Scan any QR
  2. v3.1 to versions earlier than 3.8.1: Smart Sign-in
iOS/Windows:
  1. Currently supports Smart Sign-in.
  2. Scan any QR is not yet available.


How to Use Smart Sign-in

For mobile
For Windows
For mobile
  1. Go to Smart Sign-in on your browser to scan the QR code.
  2. Open the OneAuth app on your mobile device.
  3. Tap Scan any QR in the MFA tab.
    4. For Android (v3.1 to versions earlier than 3.8.1) and iOS, tap Smart Sign-in instead.
  4. Scan the displayed QR code using OneAuth.
  5. Complete biometric or PIN verification, if enabled. You will be signed in to your Zoho account.

For Windows
  1. Go to Smart Sign-in on your browser to scan the QR code.
  2. Open the OneAuth app on your Windows device.
  3. Click Smart Sign-in.
  4. Complete biometric or PIN verification, if enabled.
  5. A dialog box will appear displaying the tabs currently open.
    6. Select the tab that contains the sign-in QR code.
  6. Scan the displayed QR code using OneAuth. You will be signed in to your Zoho account.
 

FAQs

1. Why can't I see the Smart Sign-in option in OneAuth?


Possible Reasons
Solution

You are using an outdated version of OneAuth.
Update to v3.1 or higher.
For versions that use 'Smart sign-in' instead of 'Scan any QR'

Your organization has enforced custom SSO authentication (SAML, JWT, or federated sign-in), which disables Smart Sign-in.
Contact your administrator for clarification.

Restrict Sign-in is enabled for your account.
Disable it to use Smart Sign-in.

2. Why am I getting a 'Smart Sign-in not allowed' error in OneAuth?


Possible Reasons

Solution

Your organization has enforced other MFA modes (such as SMS based OTP, Security Key, or 2FA Authenticator) and has not included OneAuth as an allowed mode.

Your organization needs to allow OneAuth as an MFA mode for you to use Smart Sign-in. Contact your administrator for further clarification.




Your account is MFA-enabled, but this device is not an MFA-enabled device for your account.










If you don’t have access to your OneAuth MFA-enabled Primary device, you can set another signed-in mobile device as your primary or secondary MFA device in OneAuth.

  1. Open OneAuth on your signed-in mobile device.
  2. Tap Make as Secondary (or Primary, if needed). Once set, you can use Smart Sign-in.
If both primary and secondary devices are inaccessible, repeat this process on another signed-in device to use Smart sign-in.


IP restriction is enabled, and you are trying to sign in from a different IP address than configured.



Sign in from the allowed IP address or disable the restriction. For organizational restrictions, contact your administrator.



3. Will enforced password changes by my organization affect Smart Sign-in?

No, Smart Sign-in will not be affected. However, if you sign in using your password instead of Smart Sign-in, you will need to change it when required by your organization.

4. Can I use Smart Sign-in if my mobile device is on a different IP address than the IP restriction enabled for my account?

No, both your mobile device and browser must be on the configured IP address. Smart Sign-in will not work otherwise.