Set Up Email-Based Authentication

  • Updated On May 3, 2026
  • Published on Apr 29, 2026
  • 2 minute(s) read
Prev Next

Note:

  • Whatfix Mirror supports end-user authentication through Single Sign-on (SSO), Email-Based Authentication, or both, based on your requirements. When both are enabled, learners can be authenticated through either method. For more information, see Set Up Single Sign-On and Set Up End-User Authentication.

Overview

Email-Based Authentication is an alternative end-user authentication mechanism in Whatfix Mirror that restricts access to shared Mirror Screens using email-based one-time password (OTP) verification. Only learners whose email domains have been approved can access the shared Mirror simulation.

With Email-Based Authentication, you can define approved email domains from the Mirror Dashboard. Learners accessing a shared Mirror simulation must verify their email using an OTP before gaining access. This ensures that only authenticated learners can access the Mirror simulation.

How Email-Based Authentication works

Once you configure one or more approved email domains in the Mirror Dashboard, learners can begin accessing shared Mirror simulations through OTP-based authentication.

When a learner opens a Mirror simulation, they must enter their email address and complete a captcha. If the email domain matches the configured whitelist, Whatfix sends an OTP to the learner's email address. The OTP remains valid for 10 minutes. If the learner does not receive the OTP, a resend option becomes available 30 seconds after the initial OTP was triggered. Whatfix grants access only after the learner enters the correct OTP.

Once authenticated, learners can access all Mirror Screens within the same browser session without re-authenticating for each Workflow or Simulation. An authenticated session remains valid for 7 days, after which learners must re-authenticate to regain access.

Note:

Incognito browser sessions are not supported for persistent access.

When should you use Email-Based Authentication?

Use Email-Based Authentication if:

  • Your learners are external users, partners, or third-party users.

  • You want to restrict access to shared Mirror simulations.

  • You need an authentication mechanism without onboarding learners into your Identity Provider (IdP).

For more information, see Manage Approved Domains.

Privacy Policy | Whatfix Glossary | Whatfix Platform Status
Copyright © 2024 WHATFIX TM. All rights reserved.