Skip to content

Authentication

VerifyDMARC offers multiple convenient authentication methods to access your account. This page explains each option, how to use them, and best practices for security.

Authentication Methods

VerifyDMARC supports three ways to authenticate:

  1. Email One-Time Code
  2. Microsoft 365 Single Sign-On
  3. Google Single Sign-On

Each method is designed to provide secure access while balancing convenience for your organisation.

Email One-Time Code

The Email One-Time Code method sends a time-limited code to your registered email address each time you log in.

How it works:

  1. On the VerifyDMARC sign-in page, enter your email address
  2. Check your email inbox for a message from VerifyDMARC containing your one-time code
  3. Enter the code on the sign-in page

Best suited for: Individual users or users who prefer not to use third-party authentication

Microsoft 365 Single Sign-On

Microsoft 365 Single Sign-On allows authentication using your work or school Microsoft account through Microsoft Entra ID (formerly Azure AD).

How it works:

  1. On the VerifyDMARC sign-in page, select the "Continue with Microsoft 365" button
  2. You'll be redirected to Microsoft's authentication flow
  3. Sign in with your work or school account if not already signed in
    • First Time: Grant permission for VerifyDMARC to access your basic account information
  4. You'll be automatically redirected back to VerifyDMARC and signed in

Best suited for: Organisations using Microsoft 365 or Microsoft Entra ID

Note: This option is specifically for Microsoft 365 work or school accounts managed by your organisation. It does not support personal Microsoft accounts.

Google Single Sign-On

Google Single Sign-On allows you to sign in using your Google account credentials, eliminating the need for separate authentication steps.

How it works:

  1. On the VerifyDMARC sign-in page, select the "Continue with Google" button
  2. You'll be redirected to Google's authentication flow
  3. Sign in with your Google account if not already signed in
    • First Time: Grant permission for VerifyDMARC to access your basic account information
  4. You'll be automatically redirected back to VerifyDMARC and signed in

Best suited for: Organisations using Google Workspace

Switching Between Authentication Methods

You can switch between authentication methods at any time by selecting the appropriate option on the sign-in page. Your account will work with any of the supported authentication methods as long as the email address matches your VerifyDMARC user account.

If you've previously used one method (e.g., email one-time code) and want to switch to a single sign-on option, simply select the new authentication method on the sign-in page.

Multi-Organisation Access

If you have access to multiple VerifyDMARC organisations, you'll be prompted to select which organisation to access after authentication. You can later switch between organisations using the organisation selector in the header.

The authentication method you use does not affect which organisations you can access — that is determined by your user permissions in each organisation.

Security Best Practices

For optimal security when accessing VerifyDMARC:

  1. Keep email accounts secure - Since email is used for one-time code delivery, ensure your email account has strong security (including multi-factor authentication)
  2. Don't share authentication credentials - Each user should have their own account with appropriate permissions
  3. Promptly remove access for users who leave your organisation:
    • Revoke access to their email account
    • Block their accounts in your identity providers (Google or Microsoft)
    • Remove them from your VerifyDMARC organisation (see Users page)

Troubleshooting

  • "You are not currently a member of any organisation." - Ask your VerifyDMARC Organisation Admin to add you as a user or sign up a new organisation

Email One-Time Code Issues

  • Not receiving the code email? Check your spam folder and ensure your email provider is not blocking messages
  • Code expired or invalid? Request a new code by starting the sign-in process again
  • Still having problems? Contact support@verifydmarc.com

Single Sign-On Issues

  • "Account not found" error - Ensure the email address associated with your identity provider account matches the email address registered as a user in VerifyDMARC
  • Permission errors - You may need additional permissions granted by your identity provider (Microsoft or Google) administrator to authorise the application

If you're experiencing persistent authentication issues, please contact support@verifydmarc.com for assistance.