Sign-in Options and Best Practices

Whether you're just getting started with UserVoice, or working to optimize the sign in process for your users, you have multiple options when it comes to authentication for your end users. 

In this article we will walk you through your three main authentication options, how they work and best practices.
  1. UserVoice Authentication on Public Forums
  2. UserVoice Authentication on Private Forums
  3. Single Sign-on (works with public and private forums as well as private sites)

UserVoice Authentication on Public Forums

How it Works: 
  • Users can log in with their email address, Gmail or Facebook. If they enter just an email address, they are not required to confirm the email or create a password.  
Why: 
  • This makes it as easy as possible for your users to vote, post ideas and comment on your forum. It removes a barrier to entry, so users can quickly and easily give feedback. 
  • Requires not engineering resources or setup by your team managing UserVoice.
Note: Any licensed user (admin, agent or contributor) will ALWAYS be required to confirm their email address and create a password before logging in

Pro Tips:
  • If you have internal team members logging in as end users, encourage them to confirm their email address and set a password as a best practice. They can do this from their profile settings. 
Best Practices: 
  • Use user and account fields to connect data from your system to your users. This allows you to see not just how many people voted for an idea, but who those users are. Learn more here.
  • Review your moderation settings to ensure maximum effectiveness for your forum, and use case. 
Supporter Fraud Detection
Allow Users to Flag Inappropriate Content: Allows you to crowdsource moderation to your users, and is recommended.

Common Questions:


Q: Can we require an email confirmation and/or password?
A: Not for a public forum. We have an idea about adding this feature, which you can find here. If this critical for your use case, we recommend looking at configuring Single Sign-On or Private forums (these are outlined below).

Not a good fit for your use case? Keep reading!

UserVoice Authentication on Private Forums


How it Works: 
  • When making a forum private, you can grant access to specific email address or email domains (like joe@gmail.com or anyone from @acme.com). 
  • User will be required to confirm their email address and create a password before viewing or interacting with the forum. 
Note: You can also grant access via Single Sign On (more on this below) and IP. Learn more about Private forums here

Why:
  • This allows you to restrict access to a specific user group (like beta testers)
  • Recommended for customers who want one or more forums to restricted to a specific group of customers, so only users they authorize can view, vote and post content in a specific forum.  
Pro Tips
  • When making a forum private, create an access denied message that outlines what you want users to do if they don't yet have access. You will see this option in the forum settings.
  • Use user and account fields to connect data from your system to your users. This allows you to see not just how many people voted for an idea, but who those users are. Learn more here.

Single Sign-On for Public/Private Forums and Private Sites


How it Works: 
  • Users log in on your UserVoice site through your identity provider (Includes tools like like Azure Active Directory, Federation Services, Okta, OneLogin etc...). 
  • You can configure SSO for a public or private forum or a private UserVoice site. Learn more about available SSO options here.
Why: 
  • Users don't have to create new sign-in credentials for your UserVoice site, so it's easy and frictionless for them to sign in and give feedback.
  • Gives your team control over the sign in process.
  • Best way to grant access to a private UserVoice site.
Pro Tips:
  • You will need internal technical resources on your end to set this up. Find our documentation for your team here
  • You can use SSO in conjunction with UserVoice's authentication options.
  • Use user and account fields to connect data from your system to your users. This allows you to see not just how many people voted for an idea, but who those users are. Learn more here.

Common Questions


Q: Can more than one SSO (identity) provider be configured (multitenancy)?
A: Yes. Follow the instructions for each provider. You can add more than one configuration. Available options can be found here.



Feedback and Knowledge Base