Skip to main content

SSO Infrastructure - Phase 1 Feature Guide

1. Overview

Single Sign-On (SSO) lets you access the Fiftyknots platform with one secure login across all your sessions and devices. You authenticate once using a one-time password sent to your email, then move freely between tools - from the AI Studio to your data room to analytics dashboards - without logging in repeatedly. This infrastructure powers secure access for founders, Sherpas, experts, and team collaborators while tracking active sessions and preventing unauthorized access.

2. Step-by-Step Guide

  1. Navigate to the Login page (/login) and enter your email address associated with your Fiftyknots account.
  2. Check your email for a one-time password (OTP). The system sends you a secure code valid for a limited time.
  3. Enter the OTP on the verification screen. If you’re a Sherpa, you’ll use the Sherpa-specific verification endpoint. Founders and experts use the standard flow.
  4. Access granted - You’re now logged into the platform. The system creates a session and issues authentication tokens that keep you signed in across all Fiftyknots pages.
  5. View active sessions by navigating to your profile settings. You can see all devices where you’re currently logged in and revoke access to any session remotely via the sessions management endpoint.
  6. Log out when you’re finished. Use the logout button in the navigation menu, or the system will automatically end your session after extended inactivity.
  7. Generate auth codes (advanced users only) if you’re integrating Fiftyknots with external tools. Use the generate-auth-code endpoint to create temporary access codes that can be exchanged for full session tokens.

3. Common Questions

Q: What happens if I lose access to my email during a session?
A: Your current session remains active until you log out or it expires. You can continue working, but you won’t be able to start new sessions on other devices until you regain email access. Contact support if you need to update your email address. Q: Can I be logged in on multiple devices at once?
A: Yes. You can have active sessions on your laptop, tablet, and phone simultaneously. View all active sessions through the session management interface and revoke any session if you suspect unauthorized access. Q: How long does my login session last?
A: Sessions remain active as long as you’re using the platform. Extended periods of inactivity will trigger an automatic logout for security. You’ll receive a warning before the system ends your session due to inactivity. Q: What’s the difference between the standard and Sherpa login flows?
A: Sherpas use a specialized verification endpoint designed for their workflow. The authentication process is identical - request OTP, verify code, gain access - but Sherpas authenticate through a dedicated pathway that connects to Sherpa-specific dashboards and tools. Q: Can I revoke a session if I forgot to log out on a public computer?
A: Absolutely. Navigate to your profile settings, view all active sessions with device and location information, and delete any session remotely. The targeted device will immediately lose access and require a fresh login.

4. Troubleshooting

Issue: I’m not receiving the one-time password email
Check your spam folder first. If the email still hasn’t arrived after 2-3 minutes, request a new OTP. Ensure you’re entering the exact email address registered with your Fiftyknots account - typos will send codes to the wrong address. Issue: My OTP code says it’s invalid or expired
OTP codes expire quickly for security. Request a fresh code and enter it immediately. Make sure you’re copying the entire code without extra spaces. Each code can only be used once - if you already tried it, generate a new one. Issue: I’m being logged out unexpectedly while working
This typically happens when your session expires due to inactivity or when another device logs in with session-limit restrictions. Check if you have multiple sessions active that might be conflicting. Review your session list and clear old sessions. Issue: Authentication fails after clicking a link from an email
Some email clients modify links for security scanning, which can break authentication codes. Try copying the URL and pasting it directly into your browser. If you’re using the auth code exchange flow, ensure the code hasn’t expired - these codes have very short lifespans. Profile Management - After logging in, complete or update your founder profile to unlock personalized features and AI recommendations. Your profile completion status affects which tools and journeys become available to you. Venture Squad - SSO enables seamless collaboration with your team members. Invite co-founders and collaborators who will use the same authentication system to access shared projects, data rooms, and communication threads. Developer Dashboard - If you’re building on the Fiftyknots platform, SSO provides the foundation for API access. Generate auth codes that external applications can exchange for session tokens, enabling integrations while maintaining security.