The granular access control enables users' roles and responsibilities to be set so that individuals are given access only to relevant areas or functions of the system.
Sign Up Options
We DO NOT store any users' credentials, only the name, email, and profile picture (if available) after a user is successfully authenticated with Google.
A Google account accepts any type of email, not only Gmail. You can link an existing email to a Google Account. Here is how. Unfortunately, with multiple emails, Google will always log you in with the Gmail one. The best approach would be to create a new Google Account with your non-Gmail email, add that account to your project as a MANAGER user, then transfer the ownership to that account. Please make sure you can log in with both accounts before transferring the ownership.
On supported iOS devices (running iOS 13+) users have the option to sign in with Apple.
Available since version 4.0.0
Please be careful when signing in for the first time. The user email is the unique identifier within the Epicollect5 platform so it is usually recommended you share your personal email when logging in instead of using the one provided by Apple.
There is also the option to log in only by providing an email.
When logging in to the web application, a magic link will be sent to the user inbox.
When logging in to the mobile app, a one-off six digits code is sent instead.
Any email can be used, not only Google or Apple accounts
Both the magic link and the one-off code expire after 30 minutes and can be used only once. Once authenticated, each session will last 24 hours. When the session expires, a new magic link or one-off code must be requested.
Available since version 4.0.0
When using multiple providers with the same email, users will be asked to confirm their identity. A six-digit code will be sent to their inbox the first time they try to use the same email with a different provider.
Users can view what email they are currently logged in with and what account providers they have verified on their profile page. To access the profile page the users need to click on their name on the top navigation bar.
There are 5 roles available:
If a project has access type 'private', user access will be based on their roles, as described above, provided they have been successfully authenticated by the server. Viewing, editing, deleting a project, deleting entries on the server will be based on the above roles and requires authentication.
If a project has access type 'public', then any user can view and upload data to that project via the mobile client, without any authentication, but editing and deleting a project (or entries) on the server will be based on the above roles and still requires authentication.
Adding users to a project
Users can add other users (with different roles) to a project depending on their user role, see below table:
To add a user to a project, on the project details page click on "Manage Users". Users are divided by roles, and to add one just click on "Add User" on the right.
Enter an email of an existing Epicollect5 user and select the role you would like to set the new user to:
When you add a user to a project, the system does not send any notification email to that user. However, once the user logs into Epicollect5, access to the project will be granted based on the role specified if the email address matches.
Add users in bulk
It is possible to add users in bulk uploading a
csv file of user emails, like the one below.
Click on the arrow to show the context menu and click on "Import Users csv".
Pick the column which contains the email addresses and select the role to be applied to your new users then click on import.
Your users are now imported.
Switch user roles
At any time you can upgrade or downgrade user roles and capabilities.
Find the user you would like to upgrade, for example from COLLECTOR to CURATOR and click the "Switch Role" button.
The user is now a CURATOR
Remove users in bulk
Users can be removed in bulk by role.
For example, to remove all the COLLECTOR users go to the "Collectors" tab and open the context menu on the right.
Users can be exported as a
zip file containing the user emails as one
csvfile per each role and a global one with all the users regardless of the role.