Background information
Different authentication methods exist for accessing Lucca’s solutions using your web browser, so you can sign in to your platform and the various solutions chosen by your company. These are:
- A traditional sign-in screen. You use a login name and password
- Single Sign-On (SSO)
- Magic link
- API key (tech)
If everything is properly configured and you still cannot log in, please refer to the verification steps.
The different methods in detail
Login/Password
The most common way of signing in is using a login name/password. This method allows you to access the applications directly from your Lucca website (mycompany.ilucca.net).
If you do not receive an email, it is undoubtedly because your email address was entered incorrectly into your user file. In this case, contact your internal administrator to change it. Usually this person is someone in the HR or administrative department.
You can define the security policy for users’ passwords.
Single Sign-On (SSO)
SSO (Single Sign-On) allows you to use a third-party application’s authentication system to access Lucca solutions.
You will find the full list of authentication systems that Lucca supports and all necessary documents on the following help page: Single Sign-On (SSO).
Depending on the SSO used, you will have a link on the sign-in screen so you can log in without entering login information. Below is an example of Google SSO enabled on the platform. We can also enable a dual sign in mode (as in the screenshot below) with both SSO and a login name and password area.
Magic link
Lucca also allows you to sign in to mobile apps and your Lucca website using a ‘magic link’ without entering your login name and password. To do this, enter your email address to get a notification in your inbox, which will directly sign you in without having to enter a password.
You can generate this magic link on the Lucca website to sign in to your instance: Lucca magic link.
This is the email notification that you will receive after requesting a magic link. Simply click on the ‘Log in’ button to access your platform.
API key (technical use)
API keys will allow you to authenticate yourself when you directly call our APIs for integration between Lucca and external applications.
To get an API key, go to the /admin/apikeys
module for your Lucca instance. If you cannot access this module, ask your Lucca administrator to create it for you.
Once you have your key, you must include it whenever you call the API, using the HTTP ‘Authorization’ Header.
On the other hand, instead of using Basic authentication, use the keyword ‘Lucca’, which allows us to identify this specific type of access.
GET https://sandbox.ilucca-demo.net/api/v3/users Authorization: Lucca application=eb1b5a84-dc51-417c-bf79-abcfc97b40e2
For more information, please refer to our technical documentation.
If you cannot sign in
There are several verification steps to try before contacting the Lucca help desk. These are:
- Are you using the correct login information?
Important! Passwords are case sensitive, and most login names do not match email addresses. If you do not know your login name, contact the internal administrator for your website. - Are you using the right password?
You can reset it by clicking on the ‘I forgot my password’ link on the login page. - Do you have access to one of Lucca’s solutions?
If needed, ask your administrator to verify what roles you have in your user file (Co-workers > HR file) - Did your contract end date go by or is your contract start date in the future?
Timmi Absences access is enabled the day you arrive and is disabled on the exit date entered into your user file. Ask your administrator to check this information.
Can I allow my users to choose their sign-in method?
Actually, you have the option to enable or disable different authentication methods. For example, you can disable login/password sign-in if you want to make SSO mandatory. From the lucca.fr website, you can also disable magic link sign-in.
Is it possible to force a renewal of the regular authentication if I do not use SSO?
Yes, if login/password connection is activated, the configuration of the "Remember me" option allows users to have a session duration of 2 months. If this option is disabled, the user session duration is 24 hours.
Can I set up SSO for mobile apps?
No, SSO will only allow you to log in to your Lucca instance from a web browser. For mobile apps, the only options are magic link, login/password and mobile connection code.
Can I prevent users from using the mobile apps?
Yes. You must disable the login/password, mobile connection code and magic link options. Important: this also prevents users from being able to sign in from a web browser using these method. They will only have the SSO option.
Can I set up different SSOs to access my Lucca instance?
Of course. You can set up several SSOs to access your instance. Users will have to choose the one they want to use on the sign-in page.