GivEnergy transition to new SSO service in further commitment to data security

Seamless access with the new Single Sign On (SSO) system for all markets.

As part of our continued alignment with the ISO27001 security standard, GivEnergy is committed to ensuring the confidentiality, integrity and availability of all user data. This includes robust controls to protect sensitive information and adherence to best practices in information security management.

As part of this work, we are moving our account & identity management systems to support Single Sign-On (SSO) which simplifies and secures access to our applications by allowing users to log in to multiple applications with a single set of credentials. It increases security through centralized authentication and supports multi-factor authentication (MFA) and biometric logins. SSO improves the user experience with faster logins and ensures compliance with security standards.

What this means for end users

As part of this work, we are moving our account & identity management systems to support Single Sign-On (SSO) which simplifies and secures access to our applications by allowing users to log in to multiple applications with a single set of credentials. It increases security through centralized authentication and supports multi-factor authentication (MFA) and biometric logins. SSO improves the user experience with faster logins and ensures compliance with security standards.

Installer Communications

You will receive a series of introductory and reminder communications to support your migration.

1. What is SSO?

Single Sign-On is a technology that allows you to log in to one “identity” securely linked to all “accounts” that you might have (for example a customer and an installer account). You can use SSO to access multiple applications or services without needing to re-enter your credentials. This streamlines the login process and ensures a consistent and secure experience across all connected accounts. GivEnergy is implementing SSO to increase security, streamline login processes and improve the user experience across our systems.

2. What is an Identity, and how is this different from an Account?

Single Sign-On is a technology that allows you to log in to one “identity” securely linked to all “accounts” that you might have (for example a customer and an installer account). You can use SSO to access multiple applications or services without needing to re-enter your credentials. This streamlines the login process and ensures a consistent and secure experience across all connected accounts. GivEnergy is implementing SSO to increase security, streamline login processes and improve the user experience across our systems.

3. Why do I need to create an Identity with Single Sign-On (SSO)?

Our SSO system provides you with a unified and secure way to access all the features of our service. Creating a single identity, unique to you, eliminates the need to manage multiple usernames and passwords for different parts of our platform. This improves your experience, reduces the risk of forgotten credentials, and enhances security.

4. Why should I link all my accounts to my SSO Identity?

Linking your accounts to your SSO identity ensures seamless integration across our services. It allows us to provide:

• A unified user experience for login across all applications.
• Better data security by centralizing authentication.
• Simplified account management (e.g., one password reset process for all linked accounts).
• Access to features that depend on a connected identity, such as personalized recommendations and consolidated billing.

5. Is my data safe with SSO?

Yes, your data is protected using industry-standard encryption and authentication protocols. SSO reduces the risk of security breaches caused by weak or reused passwords and provides a robust mechanism for managing your account’s security.

6. What if I already have multiple accounts with your service?

When you set up your SSO identity, you’ll have the option to link all of your existing accounts to one SSO identity. This process ensures that your data and preferences are preserved across the platform, no matter which account is currently in active use – it’s all linked to your unique identity. Our support team can assist with any issues during the transition.

7. What if I can’t remember my legacy account username or password?

If you can’t remember your legacy account’s password you can use the existing password retrieval service. If you cannot remember you legacy account username, there is also an automated username retrieval process available which will allow you to retrieve the username securely.

8. Can I opt out of using SSO?

SSO will become a core part of our platform’s infrastructure. Opting out is not currently supported, as it’s essential for providing you with a secure and streamlined experience. However, we’re happy to address any concerns or questions you might have and will gradually enforce the migration to SSO in phases for different types of user.

9. What happens if I forget my SSO credentials?

Our SSO system includes a secure password recovery process. You can reset your password using your registered email address or another verified recovery method. 

10. How will SSO improve my experience?

Linking your accounts to your SSO identity ensures seamless integration across our services. It allows us to provide:

• Offering faster access to features and services.
• Reducing the number of logins you need to remember.
• Ensuring a consistent experience across all linked accounts.
• Faster support, as it’s easier for us to validate your identity.
• Allows us to offer more advanced & convenient login options in the future (egBiometrics & more secure MFA options).

Transitioning to SSO

1. How do I use the bypass feature after the Soft Deadline to migrate?

The bypass feature allows users to temporarily access their accounts without using SSO (using their existing legacy logins) during the migration period. Each installer account has five bypass attempts which will allow legacy logins for 48 hours. These bypasses will be available until February 3rd, 2025, after which SSO will become mandatory for all installers.

2. How do I use the bypass feature after the Soft Deadline to migrate?

• Go to the login page and click the legacy ‘login’ button.
• Enter your existing credentials.
• The window that appears will advise you of the need to migrate your account. You will be able to migrate from this page or will be required to use one of your five bypass attempts to access the application for a 48-hour period.

3. What happens if I run out of bypass attempts?

If you use all five bypass attempts before transitioning to SSO, you will need to contact customer support for assistance. The support desk will have an option to reset the bypass attempts. We recommend completing your SSO setup as soon as possible to avoid disruptions.

4. Why is there a deadline for bypass use?

The deadline for February 3rd, 2025, ensures a timely and secure migration to SSO, which is essential for improving system security and user experience. All new accounts created will be only implemented through SSO. After the deadline, we intend to decommission the legacy login.

5. Is the bypass feature secure?

Yes, the bypass feature is secure and monitored. It is a temporary measure to help users transition to SSO, with strict controls to prevent unauthorized access.

6. How do I set up my new SSO credentials?

You will receive instructions via email & the migration journey is available on givenergy.cloud (account settings/security). Follow the steps to create your SSO credentials. If you need further guidance, contact customer support or refer to the user guide provided.

Resolving Common Issues:

A – I’m having problems with SSO or legacy bypass:

• Go to the login page and click the legacy ‘login’ button.
• Enter your existing credentials.
• The window that appears will advise you of the need to migrate your account. You will be able to migrate from this page or will be required to use one of your five bypass attempts to access the application for a 48-hour period.

B – My SSO Credentials are not logging me into the Portal:

• Make sure you use the ‘SSO Login’ button on the login page if you have migrated to an SSO account.
• The historic ‘Login’ button will not accept your new SSO credentials, and your legacy login credentials will take you to a screen asking you to log in with the new SSO method.

C- I’ve logged in with the legacy method and have been told my account has migrated to SSO. Someone else using my account has migrated to SSO:

• We ask that the main account holder completes SSO Migration, and to maintain security best practices each engineer user of the Portal should have their own SSO Identity and Portal account.
• If you were accessing the Portal using shared credentials, you would have been logged out of the application when the account was migrated.
• You will need to contact your company administrator to set up a new Portal account which will automatically be SSO enabled and linked to your company.

D- How do I reset my password once I have completed SSO Migration?

• The SSO Login page has a ‘Forgot Password?’ button that will reset your SSO password.
• The Portal’s password reset page, accessed from the Portal login page, will only reset legacy passwords, it will not work for SSO users.

E – I have used my 5 bypass credits and am now unable to login to the Portal/App:

• Please complete SSO migration as soon as possible to enjoy uninterrupted access to the Portal.
• If you continue to have difficulties, please contact our Support team who will be able to reset your credits temporarily.
• After February 3^rd, 2025, the bypass functionality will be removed and you will need to migrate to SSO to continue to access our applications.

F – I have multiple Portal accounts. How do I link all of them to one SSO Identity?

• After migrating an account and registering an SSO Identity, you will be able to link additional accounts to your identity. This functionality is available within the portal Identity Management page (account settings/account security / manage SSO).
• Alternatively, please follow the account migration pathway when logged in via legacy to your other account, when prompted to register, logging into your SSO Identity rather than registering a new SSO Identity.
• If you link an account incorrectly, please contact our Support team who will be able to unlink for you.

G. I am a new User, and the Login button is advising my credentials are incorrect:

• All Users created after 20^th December 2024 will automatically be set up with an SSO Identity.
• The old ‘Login’ button is only for legacy, unmigrated accounts.
• You simply need to click ‘Log in with SSO’ and use your credentials to log in

H. Can I extend the bypass feature deadline?

• No, the deadline has been set to ensure a safe and efficient transition.
• Account migration will be available from 20^th December 2024. We recommend that you complete your SSO setup well before 3^rd February 2025.
• From the 3^rd of February, SSO login will be the default way to use the GivEnergyapps. 

I. My Customer is trying to migrate their user account to SSO but has forgotten their legacy account username, how can I help?

• Customers can use the portal’s new “forgot username” feature to retrieve their username (username can be confirmed to the user’s registered email, upon entry on their Inverter Serial #

Download PDF >