> For the complete documentation index, see [llms.txt](https://oten.gitbook.io/identity-support/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://oten.gitbook.io/identity-support/user-guide/organization-admin-app/members/email-and-password-sign-in.md).

# Email and password sign-in

### Scope <a href="#scope" id="scope"></a>

This document defines the **standard email and password sign-in flow** for **Members** in a Business Organization.

This flow applies to:

* Users invited to an organization
* Members without administrative privileges

Authentication is performed using **email and password**.\
Additional security verification (if any) is handled by **separate security flows**.

***

### I am new. Where should I start? <a href="#i-am-new.-where-should-i-start" id="i-am-new.-where-should-i-start"></a>

If you are a **Member**, you do not configure authentication settings.

You only need to:

* Use the email address associated with your account
* Enter your password
* Follow on-screen instructions if additional verification is required

***

#### Purpose <a href="#purpose" id="purpose"></a>

This guide helps Members understand:

* How to sign in using email and password
* What happens during the sign-in process
* What to expect after successful authentication

***

#### Prerequisites <a href="#prerequisites" id="prerequisites"></a>

Before signing in, make sure that:

* Your account has been created or you have accepted an invitation
* You know your email address and password
* Your email address has been verified

***

### I already understand. How do I proceed step by step? <a href="#i-already-understand.-how-do-i-proceed-step-by-step" id="i-already-understand.-how-do-i-proceed-step-by-step"></a>

***

#### 1. Open the Sign-In Page <a href="#id-1.-open-the-sign-in-page" id="id-1.-open-the-sign-in-page"></a>

**Step 1:** Open the [**Sign In**](https://account.oten.live/login) page.

![s1.png](blob:https://silvertiger.atlassian.net/cd576dac-dec1-46a9-ac58-454fc15acab8#media-blob-url=true\&id=83e72e53-969f-4208-aa47-33969e6a9dd1\&collection=contentId-204047424\&contextId=204047424\&width=1904\&height=876\&alt=s1.png)

***

#### 2. Enter Email and Password <a href="#id-2.-enter-email-and-password" id="id-2.-enter-email-and-password"></a>

**Step 2:** Enter your email address and password.

**Step 3:** Click **Sign In**.

![s3.png](blob:https://silvertiger.atlassian.net/9563c1cf-e8e0-4dc2-bea4-bad5f2e9c79b#media-blob-url=true\&id=5df08b4f-2789-407e-8d7a-7d7f63623a43\&collection=contentId-204047424\&contextId=204047424\&width=1880\&height=888\&alt=s3.png)

At this stage:

* Credentials are validated
* Organization-level security policies are evaluated

***

#### 3. Authentication Result <a href="#id-3.-authentication-result" id="id-3.-authentication-result"></a>

**Successful Sign-In**

* You are authenticated successfully
* A session is created
* You are redirected to your assigned dashboard or workspace

![welcome.png](blob:https://silvertiger.atlassian.net/8a8f7872-166a-46fb-ad0b-b307d898bb6d#media-blob-url=true\&id=6ec94892-7743-4d73-a2b0-ae8b37ac2928\&collection=contentId-204047424\&contextId=204047424\&width=1898\&height=899\&alt=welcome.png)

#### Additional Verification Required (If Applicable) <a href="#additional-verification-required-if-applicable" id="additional-verification-required-if-applicable"></a>

If your organization enforces additional security checks:

* You will be redirected to a separate verification flow (for example: MFA or passkey)

> Detailed verification steps are documented separately.

***

### Security Considerations <a href="#security-considerations" id="security-considerations"></a>

* Passwords are never stored in plain text
* Failed sign-in attempts may be rate-limited
* Suspicious login behavior may trigger additional verification
* Sessions may be revoked if security policies are violated

***

### Important Notes <a href="#important-notes" id="important-notes"></a>

* Members cannot change authentication methods
* Password reset is self-service only via **Forgot Password**
* Security policies are enforced automatically by the organization
* Access may be denied if:
  * IP or geo restrictions apply
  * Device or platform restrictions are enforced

***

### Summary <a href="#summary" id="summary"></a>

| Item                         | Member                   |
| ---------------------------- | ------------------------ |
| Sign-In Method               | Email & Password         |
| MFA Control                  | Enforced by organization |
| Authentication Configuration | ❌ Not allowed            |
| Password Reset               | ✅ Self-service           |
| Administrative Access        | ❌ No                     |
