Signing In to Lucca Solutions

Background information

Different authentication methods exist for accessing Lucca’s solutions using your web browser, so you can sign in to your platform and the various solutions chosen by your company. These are:

  • A traditional sign-in screen. You use a login name and password
  • Single Sign-On (SSO)
  • Magic link
  • API key (tech)

If everything is properly configured and you still cannot log in, please refer to the verification steps.

The different methods in detail


The most common way of signing in is using a login name/password. This method allows you to access the applications directly from your Lucca website (

The first time you sign in to a Lucca solution, click on the ‘First login’ link underneath the sign in area and follow the instructions. You will receive an email with a link through which you can choose a password.

If you do not receive an email, it is undoubtedly because your email address was entered incorrectly into your user file. In this case, contact your internal administrator to change it. Usually this person is someone in the HR or administrative department.


You can define the security policy for users’ passwords.

Single Sign-On (SSO)

SSO (Single Sign-On) allows you to use a third-party application’s authentication system to access Lucca solutions.

You will find the full list of authentication systems that Lucca supports and all necessary documents on the following help page: Single Sign-On (SSO).

Depending on the SSO used, you will have a link on the sign-in screen so you can log in without entering login information. Below is an example of Google SSO enabled on the platform. We can also enable a dual sign in mode (as in the screenshot below) with both SSO and a login name and password area.


Magic link

Lucca also allows you to sign in to mobile apps and your Lucca website using a ‘magic link’ without entering your login name and password. To do this, enter your email address to get a notification in your inbox, which will directly sign you in without having to enter a password.

The email address you enter must be linked to your Lucca platform. If you do not get an email, contact the person in charge of managing the solution within your company.

You can generate this magic link on the Lucca website to sign in to your instance: Lucca magic link.

This is the email notification that you will receive after requesting a magic link. Simply click on the ‘Log in’ button to access your platform.


API key (technical use)

API keys will allow you to authenticate yourself when you directly call our APIs for integration between Lucca and external applications.

To get an API key, go to the /admin/apikeys module for your Lucca instance. If you cannot access this module, ask your Lucca administrator to create it for you.

Once you have your key, you must include it whenever you call the API, using the HTTP ‘Authorization’ Header.

On the other hand, instead of using Basic authentication, use the keyword ‘Lucca’, which allows us to identify this specific type of access.

GET Authorization: Lucca application=eb1b5a84-dc51-417c-bf79-abcfc97b40e2

For more information, please refer to our technical documentation.

If you cannot sign in

There are several verification steps to try before contacting the Lucca help desk. These are:

  • Are you using the correct login information?
    Important! Passwords are case sensitive, and most login names do not match email addresses. If you do not know your login name, contact the internal administrator for your website.
  • Are you using the right password?
    You can reset it by clicking on the ‘I forgot my password’ link on the login page.
  • Do you have access to one of Lucca’s solutions?
    If needed, ask your administrator to verify what roles you have in your user file (Co-workers > HR file)
  • Did your contract end date go by or is your contract start date in the future?
    Timmi Absences access is enabled the day you arrive and is disabled on the exit date entered into your user file. Ask your administrator to check this information.
If you are still locked out, your administrator can also reset your password from your HR file. This is a temporary password and you will have to change it the next time you sign in to the platform.

Can I allow my users to choose their sign-in method?

Actually, you have the option to enable or disable different authentication methods. For example, you can disable login/password sign-in if you want to make SSO mandatory. From the website, you can also disable magic link sign-in.

Is it possible to force a renewal of the regular authentication if I do not use SSO?

Yes, if login/password connection is activated, the configuration of the "Remember me" option allows users to have a session duration of 2 months. If this option is disabled, the user session duration is 24 hours.

Can I set up SSO for mobile apps?

No, SSO will only allow you to log in to your Lucca instance from a web browser. For mobile apps, the only options are magic link, login/password and mobile connection code.

Can I prevent users from using the mobile apps?

Yes. You must disable the login/password, mobile connection code and magic link options. Important: this also prevents users from being able to sign in from a web browser using these method. They will only have the SSO option.

Can I set up different SSOs to access my Lucca instance?

Of course. You can set up several SSOs to access your instance. Users will have to choose the one they want to use on the sign-in page.

Page content

Was this article helpful?
66 out of 144 found this helpful