Set up how your employees log into Kenjo (SSO)

Modified on Wed, 24 Aug 2022 at 09:20 AM

There are multiple ways to log in to Kenjo. In this article, you will learn all the possibilities to set up the login for your employees, so you can choose which adapts best to your Organization's needs. 


As a rule of thumb, any user can access Kenjo after activating their account using the work email you have added in their personal profile. When they activate their account for the first time, they need to create a password that is at least 8 characters long, including at least one number, one capital, and one lower letter.


However, you have three options to make yours and their lives easier, or add another layer of security to their Kenjo account. You can choose ONE of the following: 


Keep in mind that you and your employees always have the option to simply log in using work email and password.


After you have set everything up, find here how you can further assist your employees, should they have problems logging into their Kenjo account. 

 

Kenjo is not compatible with Internet Explorer. Please refrain from using this search engine to log into Kenjo. 

If you activate SSO, you cannot activate 2 Factor authentication or vice versa.

Log in using SSO with a company domain


The Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID and password to any of several software systems. Once it is activated, there will be no need for an additional username and password, which reduces the number of logins and administrations costs. At the moment, the SSO is available for Google, Apple, and Microsoft Azure.


To enable it, go to Settings > Security > Enable provider and add the company domain by clicking (+) ADD NEW DOMAIN.



When the admin enables a provider and adds a company domain in Settings > Single sign-on, all employees whose work email use the same domain will be able to access their account using the "Sign in with" button on the Kenjo sign-in page. Exceptions are made for contractors, freelancers and/or users who do not have a company email address. These users will be able to log in as usual using their personal email address by entering their email and password configuration and/or through SSO.



Log in using SSO without setting a company domain


When the admin enables a provider and does not add any company domain in Settings > Security, the users can log in via the "Sign in with" button or by using their email and password. If some users want to use the second option, they should set a password by clicking on the link "Forgot password?" (in the Kenjo sign-in page) or requesting the admin to reset their password in their profile. 



Log in using 2 Factor Authentication


Two-factor authentication is an extra layer of security for a Kenjo account that ensures only the account holder can access their account, even if someone knows the password. 


To activate this function, go to Security > 2 Factor authentication and toggle the switch on. 


The admin can enable 2 Factor Authentication for all employees or for specific employees. If they choose the second option, they can use the search bar to find the employees to be included and click SAVE.




Once it is active, the two-factor authentication will work as follows:

  • On Kenjo (desktop or Mobile), enter email and password
  • Click on login 
  • A new login screen will open to enter a one-time-password (OTP)
  • Go to the email inbox, and look for the 6 digit OTP
  • Enter or copy & paste the 6 digit OTP in the new login screen and press submit/login
  • You will be redirected to the Kenjo home page with a success message


Because the password is no longer enough to gain access to an account, two-factor authentication significantly enhances the security of the Kenjo account and the personal information that can be accessed.


2 factor authentication will work every time a user is logged out of the account (meaning, no active session). 

Make sure not to take more than 5 minutes to enter the OTP. Otherwise, the code will expire, and the process will start over.



Summary


Example 1Example 2Example 3

If you activate an SSO provider with a company domain (yourcompany.com).

  • users can login using SSO using the email that matches the domain
  • users can also login using their email and password (if it matches the domain)
  • users should not be able to login with other emails not matching the domain (or use the email/password configuration)

If you activate an SSO provider without any company domain.

  • All users with the work email xxxxx@yourcompany.com can log in via SSO
  • Other users with a different email (e.g. xxxx@gmail.com) can log in via SSO

If you don't activate an SSO provider

  • All users with work email xxxxx@yourcompany.com can only log in using the email and password.
  • Other users with a different email (e.g. xxxx@gmail.com) can only log in using email and password.

Problems logging in 


These are the recommended steps for your employees in case they have a problem with accessing their Kenjo account, even though the work email is correct. If anyone is unable to log into Kenjo, they should try the following steps:


  • Make sure to use another browser that is not Internet Explorer, as Kenjo doesn't support it. 
  • If multiple email addresses are in use, make sure to use the email address associated with the correct Kenjo account.
  • Clear the cache and cookies in the browser and try again.
  • Try logging in from another network, such as a phone's network, to see if the issue is network-related. If logging in from another network works, contact the IT department or network administrator to troubleshoot the network issue.
  • Enable third-party cookies in the Chrome settings. Learn more by visiting this article. 

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article