This guide explains how login credentials, password rules, account lockouts, and Single Sign-On (SSO) behavior work in SimplyMerit, and what HR Administrators can do to support users who experience access issues.
How Users Log In to SimplyMerit
Users access SimplyMerit by navigating to:
Depending on your organization’s configuration, users may log in using:
A SimplyMerit username and password, or
Single Sign-On (SSO) if enabled
Invitation-Based Account Access
Users must be invited to SimplyMerit before they can log in.
When invitations are enabled:
Users receive an email from support@simplymerit.com
The email includes an Accept Invitation link
Users create their own password during first-time access
If a user never accepts their invitation, they will not be able to log in.
Password Requirements and Management
When password-based login is used:
Passwords are created by the user during invitation acceptance
Passwords are managed entirely by the user
HR Admins cannot view or retrieve user passwords
If a user forgets their password, they must use the Forgot your password? link on the login screen.
Password Reset Process
When a user selects Forgot your password?:
They enter their email address
SimplyMerit sends a password reset email
The user follows the link to set a new password
Password reset emails are sent from support@simplymerit.com, so proper email whitelisting is required.
Account Lockout Behavior
SimplyMerit automatically locks a user account after three invalid login attempts.
When an account is locked:
The user must wait 15 minutes
No additional login attempts should be made during this time
The system automatically unlocks the account after the wait period
Attempting to log in repeatedly during the lockout window will extend access issues.
Regaining Access After Lockout
After the 15-minute lockout period, the user may:
Log in using the correct password, or
Trigger the password reset process
No admin intervention is required for the account to unlock.
Single Sign-On (SSO) Login Behavior
If your organization uses SSO:
Users authenticate through your identity provider (IdP)
SimplyMerit passwords are not used
Password resets are handled by your IT team, not SimplyMerit
The Forgot your password? link will not apply to SSO users.
If an SSO user cannot log in, the issue is typically related to:
Missing IdP assignment
Incorrect security group membership
Identity provider access restrictions
SimplyMerit login restrictions set on the SimplyMerit side
HR Administrator Controls Related to Login Access
HR Admins can manage access from the SimplyMerit side by:
Enabling or disabling invitation-based access
Locking or unlocking users manually (if applicable)
Controlling whether users may log in before or after cycle launch
Enforcing access restrictions during configuration or testing
These controls allow HR to manage access without relying on IT for day-to-day issues.
Common Login Issues and Resolutions
| Issue | Likely Cause | Resolution |
|---|---|---|
| User never received invitation | Email blocked or not sent | Verify email, resend invite, confirm whitelisting |
| Password reset email missing | Email filtering | Check spam/quarantine, confirm whitelisting |
| Account locked | Too many login attempts | Wait 15 minutes, then retry |
| SSO login fails | IdP permissions | IT must update IdP assignment or security group |
When to Escalate
Escalate to SimplyMerit Support if:
Invitations are not being generated
Login failures persist after correct configuration
SSO behavior does not match expected setup
Escalate to your IT team if:
SSO users cannot authenticate
Security groups or IdP assignments need updating
Summary
Understanding how login, passwords, and account lockouts work helps HR Admins quickly resolve access issues and reduce cycle delays. Proper email whitelisting, clear SSO coordination with IT, and correct user invitations prevent most login-related problems.
→ Next : Guide: Admins Getting Started Part 6 - Configuring Performance Rating Systems
Comments
0 comments
Please sign in to leave a comment.