User Authentication and Provisioning

Andrew Sawusch Updated by Andrew Sawusch

CaliberMind is a passwordless system. It doesn't create or store user passwords. Instead, we utilize trusted platforms for user authentication and verification.

When logging into CaliberMind as a new user, you will be set to the default user role as set by your administrator. Note that if your default is set to "disabled," then you'll need to be activated by your administrator.

To login, go to https://my.calibermind.com/login and click one account to login by the following options:

  • Sign in with Google
  • Sign in with Salesforce
  • Sign in with Microsoft Account
  • Sign in with SSO

CaliberMind Authentication

Below is a short list of login methods people use for CaliberMind.

CaliberMind Authentication	Options
Salesforce

For organizations that use Salesforce CRM, CaliberMind offers user authentication via Salesforce Identity services. This method allows users to sign in with their username and password the same way they normally would to login to the Salesforce platform, following the same security measures you've enabled for your organization in Salesforce (automatic sign-in, Two-Factor Authentication, etc.).

Users who choose to authenticate through Salesforce can be reviewed via the Admin console -> Security Center -> "Investigation tool" as outlined here.

Logging into via Salesforce requires that you have a verified email address within Salesforce. This is for security reasons and protects both parties from malicious activity by way of the user's Salesforce account. Here is a Salesforce KB article explaining how to verify an email address in your Salesforce Settings.
Google

If your organization uses Google Workspace, CaliberMind allows user authentication via Google Identity OAuth 2.0. This method allows users to sign in with their company-issued email and self-designated password, which is then authenticated and authorized based on your organization's security protocols (automatic sign-in, Two-Factor Authentication, etc.).

Users who have authenticated through this method can be reviewed via the Audit and Investigation reporting "User Log Events" as outlined here.

Microsoft

If your organization allows users to log in with a Microsoft Account, CaliberMind allows user authentication via the Microsoft Identity Platform. Users must have a Microsoft Account, or the organization must have registered an application with the Microsoft Identity Platform to allow this option. This method allows users to sign in with their Microsoft Account with the same authentication methods required by your organization's user management and security settings.

Users who authenticate through this method can be reviewed via the Monitoring "Sign-in logs" section as outlined here.

SSO

If your organization requires service provider (SP) SAML authorization through an identity provider such as Auth0, Okta, Microsoft Azure AD, or OneLogin, CaliberMind offers user authentication via your organization's custom SSO configuration. While this option is available for Enterprise customers or organizations that require additional degrees of authentication control, additional connector fees may apply.

For setup and additional information, please see our KB Article here.

User Provisioning

After your organization has finalized a contract with CaliberMind, we will provision your organization's CaliberMind environment. Once this is complete, we will add the email address of your organization's project leads as an Administrator.

When an individual logs into the CaliberMind platform using the email address in an uploaded list with appropriate roles provided to CaliberMind during onboarding, they will automatically be assigned the designated user role.

Previously, roles were limited to Admins and Standard users. These roles provided access to everything (Admins), or everything but the settings pages (Standard User). We’ve recently added a new Sales role, to join the Admin and Standard User roles. Given that seller needs are more use-case specific (e.g., defining a buying group, understanding which prospects are engaging with an account, etc.), we’ve limited their access to those use cases. In order to accommodate members of the Sales Team, we’ve removed some points of confusion and kept the application focused on what the Sales Team needs.

Inside the CaliberMind platform, there are 4 types of user roles:

  • Administrator: Able to add new users, modify user roles, add or remove connectors, configure engagement scoring, configure object manager, download lists, create dashboards, etc.
  • Standard: Able to view reports
  • Sales: Able to view specific use-case reports, such as:
    • Analytics - Engagement Dashboard - (no Explore Tab)
    • Analytics - Funnels Dashboard
    • Search - Campaign Overview - (no Attribution tab)
    • Search - Company Overview - (no Attribution tab)
    • Search - Opportunity Overview - (no Attribution tab)
    • Search - Person Overview - (no Attribution tab)
  • Disabled: Blocked from accessing the CaliberMind environment

For individuals who were not previously added as users within the CaliberMind platform, once a user has authenticated their email through one of the available authentication methods, the user's email domain is matched against your organization's website domain used when your CaliberMind environment was first provisioned.

If the user's email domain matches your organization's website domain, then the user is auto-provisioned. Individuals who are auto-provisioned will have a new user created using the "Default New User Role" set for the organization in your Setup Console.

If the "Default New User Role" is set as "Disabled" (this is the option we select when your CaliberMind environment is first provisioned), then the user will be created with a "Disabled" role and will not be able to access your instance. An Administrator will need to change their user role to "Standard" or "Administrator" to allow them access to the system.

If the "Default New User Role" is set as "Standard", then the user will be created with a "Standard" role and immediately gain access to reports.

It's possible for users with email domains that don’t match your organization's domain to be provided with access to your CaliberMind environment. However, a user with Administrator role permissions must manually invite them to provide access. Otherwise, they will be blocked from accessing the system.

For additional information on how to add new users or modify user roles, please see our KB Article here.

How did we do?

Manage Users - Viewing, Inviting, Updating Users and Roles

CaliberMind Data Warehouse Access in Google BigQuery

Contact