Authentication
This page explains how users sign in to BaseQR, how accounts are verified, and how Enterprise SSO works at a high level.
Overview
• Account access — Users authenticate at the organization level. New campaigns are visible to all users in the organization after sign-in.
• Verification — Email verification is required for new accounts.
• SSO — Single sign-on is available for Enterprise accounts.
Account creation and email verification
• Sign-up — Create an account with your work email.
• Verify email — Open the verification email and complete verification to finish setup. If you do not receive the message, check spam/junk or ask an Admin to resend the invite.
• Organization access — After verification, you will either create a new organization (first Admin) or join an existing one via invitation.
Invitations
• Who can invite — Admins invite teammates by email and assign a role (Admin or User) during the invite.
• Accepting an invite — Follow the link in the invitation email and sign in. If the organization uses SSO (Enterprise), you will authenticate with your identity provider.
Enterprise SSO
• Availability — SSO is available for Enterprise plans.
• Behavior — Once enabled for your organization, users authenticate through the organization’s identity provider. Day-to-day access and permissions still follow Roles & Permissions.
• Provisioning — Enablement details are provided during Enterprise setup. Contact your Admin if you expect SSO and cannot sign in.
Troubleshooting sign-in
• No verification/invite email — Check spam/junk and corporate filters; ask an Admin to resend the invite.
• Seat limits — If the invite does not work and your plan’s seats are full, an Admin must free a seat or upgrade (see Plans & Billing).
• Service status — If sign-in fails broadly, review Uptime Status before retrying.
• Escalation — Provide your email, organization name, approximate timestamp, and any error message to support when requesting assistance.
Security recommendations
• Use Enterprise SSO where available — Centralized identity reduces credential risk.
• Limit shared accounts — Assign individual accounts and revoke access promptly when roles change.
• Follow least privilege — Grant Admin only to those who manage users and structure; all others should use the User role.