Skip to main content

Overview

StatusStack supports multiple authentication methods to fit your security requirements, from simple email/password to enterprise SSO.

Authentication Methods

Email & Password

Traditional username/password authentication

Google OAuth

Sign in with your Google account

Microsoft OAuth

Sign in with Microsoft/Azure AD

SAML 2.0

Enterprise single sign-on (Enterprise plan)

Email & Password

Creating an Account

1

Sign Up

Visit statusstack.com/register
2

Enter Details

Email: your@company.com
Password: (8+ characters, mix of letters/numbers/symbols)
Company Name: Your Company
3

Verify Email

Check your email for verification linkClick link to activate account
4

Complete Setup

Set up your first team and Stack

Password Requirements

Minimum requirements:
  • 8 characters minimum
  • At least one uppercase letter
  • At least one number
  • At least one special character
Recommended:
  • 12+ characters
  • Use a password manager
  • Unique password (not reused)
  • Enable 2FA for added security

Password Reset

1

Request Reset

Go to statusstack.com/forgot-password
2

Check Email

Reset link sent to your emailValid for 1 hour
3

Set New Password

Click link and enter new password

OAuth Authentication

Google Sign-In

1

Click Google Sign-In

On login page, click “Sign in with Google”
2

Select Account

Choose your Google account
3

Grant Permissions

Allow StatusStack to:
  • View email address
  • View basic profile info
4

Logged In

Automatically redirected to dashboard
Benefits:
  • No password to remember
  • Automatic security from Google
  • Faster login
  • Google 2FA supported

Microsoft Sign-In

1

Click Microsoft Sign-In

On login page, click “Sign in with Microsoft”
2

Enter Microsoft Email

Use your work or personal Microsoft account
3

Authenticate

Complete Microsoft authenticationSupports Azure AD and MFA
4

Logged In

Redirected to dashboard
Enterprise benefits:
  • Integrates with Azure AD
  • Respects conditional access policies
  • Supports multi-factor authentication
  • Centralized account management

Two-Factor Authentication (2FA)

Add an extra layer of security:

Enabling 2FA

1

Open Security Settings

Dashboard → SettingsSecurityTwo-Factor Authentication
2

Choose Method

Recommended
  1. Install authenticator app (Google Authenticator, Authy, 1Password)
  2. Scan QR code
  3. Enter 6-digit code
  4. Save backup codes
3

Save Backup Codes

Important: Store backup codes securely
XXXX-XXXX-XXXX
XXXX-XXXX-XXXX
XXXX-XXXX-XXXX
Use if you lose access to 2FA device
4

2FA Enabled

Required on every login

Using 2FA

Login flow with 2FA:
  1. Enter email and password
  2. Prompted for 6-digit code
  3. Open authenticator app
  4. Enter current code
  5. Logged in
Trusted devices:
  • Optionally mark device as trusted
  • Skip 2FA for 30 days on that device
  • Can revoke trust anytime

SAML 2.0 SSO (Enterprise)

Enterprise single sign-on integration:

Supported Identity Providers

  • Okta
  • Azure AD
  • Google Workspace
  • OneLogin
  • Auth0
  • JumpCloud
  • Custom SAML 2.0 providers

SAML Setup

1

Contact Sales

SAML SSO requires Enterprise planEmail: sales@statusstack.com
2

Configure IdP

In your identity provider:
ACS URL: https://statusstack.com/saml/acs
Entity ID: https://statusstack.com
Name ID Format: Email Address
3

Provide Metadata

Share SAML metadata XML with StatusStack:
  • IdP Entity ID
  • SSO URL
  • Signing Certificate
4

Configure StatusStack

StatusStack team configures:
  • SAML endpoint
  • Attribute mapping
  • Domain verification
  • JIT provisioning (optional)
5

Test Connection

Test SSO flow:
  1. Visit statusstack.com/login
  2. Enter work email
  3. Redirect to IdP
  4. Authenticate
  5. Return to StatusStack

Just-in-Time (JIT) Provisioning

Auto-create accounts on first login: 
SAML Attributes Mapping:
  Email: email
  First Name: firstName
  Last Name: lastName
  Department: department
  Role: role (optional)

JIT Settings:
  Auto-create users: Yes
  Default team: Automatically assigned
  Default role: Member
Benefits:
  • No manual user creation
  • Automatic onboarding
  • Consistent with IdP

Session Management

Session Duration

Default session length:
  • Web: 7 days (with activity)
  • Mobile: 30 days
  • API tokens: No expiration (revocable)
Extend or reduce:
  • Enterprise: Configure custom session duration
  • Security → Session Settings

Active Sessions

View and manage sessions: Dashboard → SettingsSecurityActive Sessions 
Device: Chrome on macOS
Location: San Francisco, CA
Last Active: 5 minutes ago
[Revoke]

Device: Safari on iPhone
Location: San Francisco, CA
Last Active: 2 hours ago
[Revoke]
Revoke suspicious sessions immediately

Security Best Practices

Requirements:
  • 12+ characters
  • Mix of uppercase, lowercase, numbers, symbols
  • Unique (not reused elsewhere)
  • Use a password manager
Mandatory for:
  • Organization owners
  • Admins
  • Users with access to production Stacks
Recommended for: Everyone
Benefits:
  • Centralized authentication
  • Automatic deprovisioning
  • Enforced security policies
  • Audit logging
Monthly:
  • Review active sessions
  • Revoke unknown devices
  • Check login locations
  • Verify login times
Authentication logs track:
  • Successful logins
  • Failed attempts
  • Password changes
  • 2FA events
  • OAuth connections
Available: SettingsSecurityLogin History

Troubleshooting

Can’t Login

Issue: “Invalid credentials” error Check:
  1. Email address is correct
  2. Password is correct (case-sensitive)
  3. Account is verified (check email)
  4. Account is not locked
Solutions:
  • Reset password
  • Check spam folder for verification email
  • Contact support if account locked

2FA Code Not Working

Issue: “Invalid code” error Check:
  1. Clock on device is synchronized
  2. Entering current code (refreshes every 30s)
  3. Using correct authenticator app
Solutions:
  • Use backup code
  • Disable and re-enable 2FA
  • Contact support for 2FA reset

OAuth Login Failing

Issue: “Error connecting to [Google/Microsoft]” Check:
  1. Pop-ups are allowed
  2. Third-party cookies enabled
  3. Not using private/incognito mode
Solutions:
  • Allow pop-ups for statusstack.com
  • Try different browser
  • Use email/password instead

SAML Not Working

Issue: “SAML authentication failed” Check:
  1. SAML is configured for your domain
  2. IdP metadata is current
  3. Certificates not expired
Solutions:
  • Contact your IT administrator
  • Email support@statusstack.com with:
    • Organization name
    • Email address
    • Screenshot of error

Next Steps

Security Settings

Configure security settings

Team Management

Invite team members

Subscription Plans

Compare plans