Skip to main content
Sign in with email lets users access incident.io with a one-time code sent to their email address. Use it alongside Slack, Microsoft Teams, or SAML SSO to give users a direct dashboard sign-in option. Email sign-in is also useful as an emergency access route when your normal identity provider or communications platform sign-in path is unavailable.

When to use email sign-in

Email sign-in gives users another way to reach incident.io without going through Slack, Microsoft Teams, or your identity provider. You might enable it when:
  • You want to invite users by email before they have connected a Slack or Microsoft Teams account
  • You have dashboard-only users who do not regularly work from your communications platform
  • You want a fallback sign-in route if your identity provider is down or misconfigured
  • You need access to incident.io while investigating an authentication incident
Email sign-in depends on users being able to receive email. If you rely on it for emergency access, make sure your internal process accounts for any dependency between your email provider and identity provider.

Enable email sign-in

You need Admin or Owner permissions in incident.io. Admins can manage this setting if they have the Manage security settings permission.
  1. Navigate to Settings → Security
  2. Find Email OTP login
  3. Enable the setting
Once enabled, users can sign in using a one-time code sent to their email address.
If your organization uses SAML SSO, users without the Bypass SAML permission will still be sent through your SAML provider after entering an email code.

Sign in using email

To sign in with email:
  1. Go to app.incident.io
  2. Choose the email sign-in option
  3. Enter the email address associated with your incident.io user
  4. Use the one-time code sent to your email address to finish signing in

Use email sign-in as a break-glass access pattern

Email sign-in works well as a break-glass access pattern when Slack, Microsoft Teams, or your SAML provider is unavailable. Enable email sign-in all the time, rather than waiting for an outage, so the fallback path is ready when you need it. To prepare:
  • Confirm your Owners and key Admins have email addresses that can receive login codes during an outage
  • Keep at least one Owner or Admin able to manage security settings
  • If you use SAML, give at least one Owner or Admin the Bypass SAML permission before an outage so they can sign in with email if your SAML provider is unavailable
  • Test the flow after enabling it, then include it in your internal access runbooks
During a SAML outage, that Owner or Admin can sign in with email and grant Bypass SAML to every user, or every user who needs access during the incident. Users can then sign in with email codes without being sent through the unavailable SAML provider. After the outage, review changes to the setting and permissions in audit logs, then remove any temporary Bypass SAML access you no longer need.