User Management
Everything you need to know about logging into Olive Helps
Olive Helps has 2 forms of authentication: SSO using Active Directory or OAuth using an Olive account.

Active Directory Accounts / Single Sign-on

For enterprises that use Azure Active Directory, we support SSO by allowing your employees to use your organization’s Azure AD domain to log in to Olive Helps. If you have Olive Helps installed, you can sign in using your existing authenticated AD credentials and will gain access to the desktop application based on your inherited AD policies.
Please note: Although we do sync groups from your Azure AD domain upon log in, we do not currently leverage those to drive permissions. When it comes to questions like “what PHI would logging in give you access to,” the answer is: when you log in to Olive Helps, you don’t get access to any extra PHI that you didn’t already have permission to access. Based on the way Olive Helps works, the app accesses what you can see -- the app doesn’t have any inherent permission or access of its own.
To allow your employees to log in to Olive Helps using their Azure Active Directory accounts, there are two steps that you or your IT/IAM team needs to complete.
  1. 1.
    Send your Olive contact the Azure AD domain and the list of IdP domains (list of email domains that can be authenticated in their Azure AD). This will be used to configure our Authentication provider with the information needed to enable this enterprise connection - including being able to map your list of email domains to your organization’s Azure AD domain.
  2. 2.
    Once we configure our Auth provider with this information, an Azure AD administrator will need to approve our registered Azure app for your Azure AD domain. We will let you know when we are ready for you to do this step. You can further refine who can log in to Olive Helps through Azure AD, but this isn’t something that Olive suggests unless you think that it’s necessary to keep certain users from leveraging your AD domain for logging in to Olive Helps.
Use something other than Azure Directory? Contact us for your custom integration.

Olive Accounts

You can use Olive Helps to sign up for and log in with an Olive account. These accounts have strict requirements like email verification, minimum password strength, password reset frequency, and require TOTP-based multi-factor authentication.

Olive account security requirements and features

Security features

  • Email verification upon account creation
  • TOTP-based MFA
  • Max required re-login threshold: 7 days (note: Olive Helps enforces a 1 day limit instead of 7 days)
  • Max inactivity period: 72 hours (note: Olive Helps enforces a 24 hour limit instead of 72 hours)
  • Suspicious IP throttling: block traffic from any IP address that rapidly attempts too many logins or signups across accounts
  • Brute-force protection: 10 consecutive failed login attempts from a single user triggers a block

Password requirements

  • Password reset frequency: 90 days
  • No more than 2 identical characters in a row
  • Require lower case, upper case, numbers, and special characters ([email protected]#$%^&*)
  • Minimum length: 8 characters
  • Password history: 6 passwords (cannot reuse recent passwords)
  • Cannot use one of the 10,000 most used passwords
  • No personal data -- do not allow passwords that contain any part of the user's personal data

Create your Olive account

Start Olive Helps. On the login screen, click the Join tab. Fill out the required fields, accept the terms of service, and click Join to create your account.
Olive Account Creation

Set up Multi Factor Authentication

We require multi factor authentication (MFA/2FA) to log in to Olive Helps. You have the choice of using either an authenticator application (such as Google Authenticator or Duo), or an SMS process to verify your access upon sign-in. Steps for configuring MFA for Olive Helps can be found below for both of the available options. You only need to enable one form of MFA to successfully authenticate.

Option A: Enabling MFA with an Authenticator

Step 1: Enrollment Screen

After you register for an account, you will be met with an MFA enrollment screen that asks you to scan a QR code with an authenticator app, with an alternative option to use SMS (see the SMS MFA instructions within this guide if you intend to use this option).

Step 2: Scan QR Code and Enter Code

Open your authenticator app of choice on your phone - some of our recommendations include: Authy, DUO, or Google Authenticator. With your authenticator open, scan the displayed QR code from your Olive Helps login window. Once the QR code has been successfully scanned, your authenticator will generate a code to enter into the login window.

Step 3: Recovery Code

Next, you'll be given the opportunity to copy and store your MFA recovery code in case you lose access to your MFA device. The box verifying that you have stored your code must be checked before proceeding.

Step 4: Successfully Configured MFA

Once you have moved past the window for storing your recovery code, you'll see a success screen verifying that your MFA solution has been configured. To finish logging into the app, hit the continue option.

Option B: Enabling MFA with SMS

Step 1: Enrollment Screen

After registering for an account, you will see a MFA enrollment screen. To use SMS instead of an authenticator, select the option at the bottom indicating you would rather receive a text message.

Step 2: Enter Phone Number

Once SMS has been selected, you will be prompted to enter the phone number you would like to use for verification.

Step 3: Receive Text Message and Enter Code

You will receive a code via text message to enter into the login window. Enter the code to proceed.

Step 4: Recovery Code

Next, you'll be given the opportunity to copy and store your MFA recovery code in case you lose access to your mobile device. The box verifying that you have stored your code must be checked before proceeding.

Step 5: Successfully Configured MFA

Once you have moved past the window for storing your recovery code, you will see a success screen verifying that your SMS MFA solution has been configured. To finish logging into the app, hit the continue option.

Verify your account

Go to your email client and look for an email titled Olive Helps verification. Open it and click Confirm my account.
Confirmation Email
This will open a browser window to verify your email -- you may close this window once you see the green check below. That's it! You now have an Olive account.
Email Verified

Last modified 6d ago