Note: This page is intended only for portal users.

1. Overview

1. Sign up to portals - Create your portal account and complete the initial setup process.
   
2. Set up authentication for sign-in - Configure first-factor authentication and multi-factor authentication (MFA) for enhanced security.
   
3. Sign in to portals - Access your portal using password, passkey, or password with MFA (TOTP), based on your portal configuration.
   
4. Manage accounts details - Update your profile details such as name and email address.
   
5. Manage authentication settings and sessions - Change password, update, or remove, MFA (TOTP) and Passkey settings from your account.
   

2. Sign up to Portals

Note:

1. If you have already signed up for the portal, you can directly sign in using your existing credentials. Refer to Sign in to the portal
   
2. You can sign up only in public or restricted portals, as private portals require users to be added manually by an admin.
   

1. Open the portal URL in the browser and click sign up in the Sign-in page.
   
2. Enter your Name, Email address, and Captcha in the respective fields, then click Sign up. An email will be sent to the email address you've provided with a link to create your password.
   
3. Open the email and click the Create New password link. The Create Password page will open.
   
4. Enter your password, then click Confirm.
   
Note: Ensure your password contains at least 8 characters, including uppercase and lowercase letters, a number, and a special character.

Note: After confirming your password, if MFA is enforced by the admin, you will be prompted to configure MFA during sign-up. Complete the setup using any OTP authenticator. Refer here for detailed steps.

1. If your portal is a public portal, you'll be directed to your homepage.
   
2. If your portal is is a restricted portal, you will only have access to the portal application after the admin approves you.
   

3. Setup authentication for portal sign-in

1. First-factor authentication methods - Primary method used to verify your identity during sign-in. You must complete this step before any additional verification is applied.
   Supported first-factor authentication method:
1. Password (Default) - Sign in using your registered email address and password. This is default and doesn't require any configuration. Password is always available as a fallback sign-in method when using the first-factor authentication method.
   
2. Passkey - Sign in without a password using your device’s biometrics (such as fingerprint or face recognition). Learn how to set up a passkey
   
Note: If Passkey is configured, you can sign in using either Passkey or Password.
2. Multi-factor authentication (MFA) - Adds an additional layer of security after completing first-factor authentication. You can configure MFA yourself at any time from your account settings, or enforced by the admin. When enforced, you will be prompted to configure MFA during sign-up (new users) or sign-in (existing users). Once set up, all sign-ins require password and MFA verification.
   Supported MFA mode:
1. MFA (TOTP) - After signing in using your password, you will be required to enter a Time-based One-Time Password (TOTP) generated using an authenticator app.
   

Note: Authentication behavior varies based on portal configuration

1. In regular portals: You can configure both Passkey and MFA. Signing in with a Passkey skips MFA, as it inherently provides multi-factor authentication, while signing in with a Password requires MFA (TOTP) verification. If only Passkey is configured (no MFA), you can sign in using either Passkey or Password.
   
2. Admin-enforced MFA portals: Passkey authentication will be disabled, including any previously configured Passkeys. You must sign in using your password followed by MFA (TOTP) verification.
   

3.1. Set up MFA(TOTP)

Note: To set up and use MFA, you must install an OTP authenticator app on your device. OTP authenticators are mobile applications that generate time-based one-time passwords (TOTP) for user verification, with codes refreshing every few seconds to enhance security during sign-in. You can use Zoho’s in-house app, OneAuth, or other authenticator apps such as Authy, Microsoft Authenticator, and Google Authenticator to generate OTPs for sign-in.

1. During sign-up or sign-in: If MFA is enforced by the admin, you will be prompted to configure it during sign up or at your next sign in. You can then sign in only using your password followed by MFA (TOTP). Alternative methods, such as passkeys, will not be available.
   
2. From account settings: If MFA is not enforced, you can choose to configure it anytime from your account settings.
   

3.1.1. During sign-up or sign-in

Note: These steps are applicable only when MFA is enforced by the admin. If it is not enforced, you can configure it yourself. Refer here for detailed steps

1. Open the portal URL in your browser and complete the sign-up or sign-in process. You will be prompted to configure the OTP Authenticator. Click Configure beneath the OTP Authenticator card to proceed.
   
2. A QR code and an alphanumeric code will be shown. Click Next after performing either of the following.
   
1. Scan the QR code displayed on the screen, using an authenticator app (in your mobile).
   
2. Enter the alphanumeric code displayed on the screen into the authenticator app on your device to register.
   
3. Enter the OTP generated by your authenticator app in the OTP Authenticator card and click Verify.
   
4. Click Enable MFA. Before enabling, you can also:
   
1. Change configuration: Select a different authenticator by clicking Change Configuration and repeat steps 2 & 3.
   
2. Delete configuration: Remove the current authenticator by clicking Delete Configuration. You will return to step 2 to set up a new authenticator.
   
5. Click Generate Backup Codes in the popup that appears.
   
Note: It is recommended to generate backup verification codes. These codes will help you recover your account if you lose access to your mobile number and can't sign in. Learn more

6. Download or Copy and paste the codes someplace where you can easily recover them when required.
   
   
7. Click Continue to Sign In. You'll be taken to your portal application's homepage.
   

3.1.2. From account settings

1. Sign in to the portal, click your profile (displayed either at the top right or bottom left, depending on the application's theme settings), and select My Account.
   
   
2. Click MFA Modes under Multi-Factor Authentication in the left pane.
   
3. Click Set up Now beneath the OTP Authenticator card. The Set up OTP Authenticator pop-up will appear.
   
4. A QR code and an alphanumeric code will be shown. Click Next after performing either of the following.
   
1. Scan the QR code displayed on the screen, using the authenticator app (in your mobile).
   
2. Enter the alphanumeric code displayed on the screen into the authenticator app on your device to register manually.
   
5. Enter the OTP generated by your authenticator app in the OTP Authenticator card and click Verify. You'll be shown a pop-up to terminate the sessions.
   
6. Select the Terminate all browser sessions checkbox if you want to sign you out of all your portal account sessions that are active in browsers and click Continue.
   
7. Click Generate New Codes in the popup that appears.
   
Note: It is recommended to generate backup verification codes. These codes will help you recover your account if you lose access to your mobile number and can't sign in. Learn more
8. Download or Copy the codes to a secure place for future recovery, then click Close.
   

3.2. Set up passkey

Passkey enables you to sign in without a password using your device’s biometrics, such as fingerprint or face recognition. It serves as a secure and convenient alternative to traditional password based authentication, offering a level of security equivalent to a password combined with multi-factor authentication, while providing a faster sign-in experience.

Note:

1. If multi-factor authentication is enforced by the admin, passkey cannot be configured or used. In such cases, all sign ins must use a password followed by MFA using TOTP.
   
2. If a passkey was configured before MFA is enforced by admin, it will be automatically disabled. You must then sign in using your password and MFA (TOTP).
   

1. Sign in to the portal, click your profile (displayed either at the top right or bottom left, depending on the application's theme settings), and select My Account.
   
2. Click First-factor modes under Multi-Factor Authentication in the left pane and click Set up Now in the Passkey card under First-factor sign-in modes. The Set up Passkey pop-up will be opened.
   
3. Enter Passkey Name for your reference and click Next.
   
4. Add a passkey using the prompt that appears, based on the passkey provider configured on your device. In this demonstration, iCloud Keychain is used, where the passkey is saved in the Passwords app. Authenticate using Touch ID (or your device’s biometric method) to securely create and save the passkey.
   
5. Click + Add Passkey and repeat steps 3 and 4 to add additional passkeys, if required.
   

4. Sign in to portals

1. Password
   
2. Passkey
   
3. Password with multi-factor authentication (TOTP)
   

4.1. Sign in using password

1. Open the portal URL in the browser. You'll be directed to the Sign In page.
   
2. Enter your email address and click Next.
   
3. Enter your password and click Sign In to log in to the application.
   

Info: If your admin has enforced multi-factor authentication (MFA), you will be prompted to configure MFA before logging in to the application. Learn how to configure MFA during sign-in

4.2. Sign in using Passkey

1. Open the portal URL in the browser. You'll be directed to the Sign In page.
   
2. Enter your email address and click Next. You will be prompted to authenticate using your configured passkey. In this demonstration, iCloud Keychain is used.
   
3. Authenticate using touch ID, face ID, or your device’s biometric method to securely sign in. After successful authentication, you will be logged in to the portal.
   

4.3. Sign in using password and MFA (TOTP)

1. Open the portal URL in the browser. You'll be directed to the Sign In page.
   
2. Enter your email address and click Next.
   
3. Enter your password and click Sign In. You'll be prompted to enter the OTP
   
4. Enter the Time-based OTP generated in your authenticator app and click Verify. You'll be logged in to the application.
   
Note: Once you verify the OTP, you will be prompted to trust the browser for the next 180 days. Doing so will skip MFA verification for this browser during that period.
Refer to learn how to remove the browser from the trusted browsers list

5. Manage account details

1. Change email address
   
2. Change username
   

Note: You can change your email and username only if the admin has allowed it by enabling the corresponding options in the portal settings.

5.1. Change email address

1. Sign in to the portal, click your profile (displayed either at the top right or bottom left, depending on the application's theme settings), and select Change Email Address under the horizontal ellipsis.
   
2. Click Proceed in the confirmation pop-up. A verification code will be sent to your current email address.
   
3. Enter the verification code and your new email address in the respective fields, then click Change Email Address to update. You'll receive an invite mail to your new mail address with a link to create password. 
   
Note: If you did not receive the verification code, click Resend.
1. 
4. Open the email and click the Create New Password link. The Create Password page will open.
   
5. Enter your password, then click Confirm.
   Ensure your password contains at least 8 characters, including uppercase and lowercase letters, a number, and a special character.
   
6. If MFA is enforced by the admin, you will be prompted to configure MFA. Complete the setup using an OTP authenticator. Refer here for detailed steps
   
7. Once configured:
   
1. If your portal is a public portal, you'll be directed to your homepage.
   
2. If your portal is is a restricted portal, you'll can access the portal application only after admin approves you.
   

5.2. Change name

1. Sign in to the portal, click your profile (displayed either at the top right or bottom left, depending on the application's theme settings), and select Edit Name under the horizontal ellipsis.
   
2. Edit your name in the Name field and click Update.
   

6. Manage authentication settings and sessions

1. Change password
   
2. Disable, delete, or change MFA (TOTP) configuration
   
3. Delete Passkey configuration
   
4. Remove trusted browsers
   
5. Terminate sessions
   

6.1. Change password

1. Sign in to the portal, click your profile (displayed either at the top right or bottom left, depending on the application's theme settings), and select My Account.
   
2. Navigate to Password under Security in the left pane and click Change Password. A pop-up will be shown.
   
3. Enter your current and new passwords in the respective fields, then click Change Password.
   

6.2. Disable, delete or change MFA TOTP configuration

Note: You cannot delete or disable your existing authenticator app if MFA has been enforced by your admin.

1. Sign in to the portal, click your profile (displayed either at the top right or bottom left, depending on the application's theme settings), and select My Account.
   
2. Click MFA Modes under Multi-Factor Authentication in the left pane.
   
3. To change your authenticator configuration, click Change Configuration on the OTP Authenticator card and follow Step 4 in 'Setup MFA - From account settings' (Section 3.1.2) to select a new authenticator.
   
4. To delete an existing MFA configuration, hover over the configuration, click the Delete icon () beside the MFA mode, then click Continue in the confirmation pop-up.
   
Note: To reconfigure MFA with a different authenticator after deleting your current one, follow the steps in 'Setup MFA – From account settings' (Section 3.1.2).

1. 
5. To disable an MFA mode:
   
1. Click the toggle next to the MFA mode and click Disable in the confirmation pop-up that appears.
   

6.3. Delete Passkey configuration

1. Sign in to the portal, click your profile (displayed either at the top right or bottom left, depending on the application's theme settings), and select My Account.
   
2. Click First-factor Modes under Multi-Factor Authentication in the left pane.
   
3. Hover over the preferred passkey configuration and click Delete icon ().
   
4. Click Continue in the confirmation pop-up that appears.
   

6.4. Remove trusted browsers

1. Sign in to the portal, click your profile (displayed either at the top right or bottom left, depending on the application's theme settings), and select My Account.
   
2. Click Trusted Browsers under Multi-Factor Authentication in the left pane. All browsers you've trusted to skip MFA will be listed here.
   
3. Hover over the browser you want to remove and click Remove. A pop-up will display details such as the device, operating system, trusted date, and location.
   
   
4. Click Remove in the pop-up to delete the browser from the trusted list.
   

6.5. Terminate sessions

Note: Your current session cannot be terminated. 

1. Sign in to the portal, click your profile (displayed either at the top right or bottom left, depending on your application's theme settings), and select My Account.
   
2. Select Active Sessions under Sessions in the left pane. All browser sessions will be listed here.
   
3. Hover over the session you want to terminate and click Terminate. A slider will appear from the right, displaying session details such as device, operating system, trusted date, and location.
   
4. Click Terminate in the slider to end the session.
   
5. To terminate all sessions except your current one, click Terminate All Other Sessions or Terminate All Sessions, then confirm it.
   

7. Related topics

1. Setting up a portal
   
2. Understand portal users