PressPlay uses Auth0 as its authentication and authorization provider, delivering enterprise-grade security for user access management. This integration ensures that only authorized team members can access your app data and experiments while providing a seamless single sign-on experience across your organization.
PressPlay chose Auth0 for several critical reasons:
Enterprise Security - Industry-leading authentication protocols and security best practices
Single Sign-On (SSO) - Seamlessly integrate with your existing identity provider
Multi-Factor Authentication (MFA) - Add an extra layer of security to protect sensitive data
Social Logins - Support for Google, Microsoft, and other identity providers
Organization-Based Access - Natural mapping to PressPlay's multi-tenant architecture
Scalability - Handles authentication for teams of any size
Compliance - Meets SOC 2, GDPR, and other regulatory requirements
When you access PressPlay, the authentication flow works as follows:
Access Request - You navigate to PressPlay's web application
Auth0 Redirect - PressPlay redirects you to Auth0's login page
Credential Verification - You enter credentials or use SSO/social login
Token Generation - Auth0 generates a secure JWT (JSON Web Token)
Return to PressPlay - You're redirected back with authentication token
Session Creation - PressPlay validates the token and creates your session
Organization Access - System determines which organizations and apps you can access
This entire process typically takes just a few seconds and happens automatically.
PressPlay implements role-based access control (RBAC) through Auth0 organizations:
Admin - Full access to all organization features, can manage users and settings
Member - Standard access to apps and experiments, can create and manage experiments
Viewer - Read-only access to view experiments and reports, cannot modify settings
Each role includes specific API scopes that control access:
read:experiments - View experiments and performance data
write:experiments - Create, update, and delete experiments
read:publishers - View connected publishers and apps
write:publishers - Connect new publishers and manage integration
read:organization - View organization details and members
write:organization - Manage organization settings and users
admin:all - Full administrative access across all features
When your organization admin invites you to PressPlay:
Check your email for an invitation from Auth0/PressPlay
Click the invitation link (valid for 7 days)
Choose your authentication method:
Email/Password - Create a new password for PressPlay
Google - Sign in with your Google account
Microsoft - Sign in with your Microsoft account
SSO - Use your organization's SSO if configured
Complete any required MFA setup
Accept terms of service
You'll be logged into PressPlay automatically
On your first login:
PressPlay will display a welcome screen
You'll be assigned to your organization automatically
Your role and permissions will be configured by your admin
You'll see only the publishers and apps you have access to
If you're an organization administrator, you can manage team members:
In PressPlay, navigate to Organization Settings
Go to the Users tab
Click Invite User
Enter the user's email address
Select their role (Admin, Member, or Viewer)
Optionally add them to specific apps
Click Send Invitation
The user will receive an email invitation to join your organization.
Go to Organization Settings > Users
Find the user in the list
Click the Remove button
Confirm removal
Removed users immediately lose access to your organization and apps. This action does not delete their Auth0 account.
Navigate to Organization Settings > Users
Click on a user to view their details
Select a new role from the dropdown
Save changes
Role changes take effect immediately. Active sessions may need to refresh for new permissions to apply.
Enterprise customers can configure SSO with their identity provider:
Okta - SAML 2.0 or OpenID Connect
Azure AD - Microsoft Azure Active Directory
Google Workspace - Google's identity platform
OneLogin - SAML or OIDC
Generic SAML 2.0 - Any SAML-compliant provider
Generic OIDC - Any OpenID Connect provider
To set up SSO for your organization:
Contact PressPlay support to request SSO configuration
Provide your identity provider details (type, metadata URL, etc.)
PressPlay team will configure the connection in Auth0
Test the SSO connection with a test user
Verify authentication and authorization work correctly
Roll out to your organization
SSO configuration typically takes 1-2 business days to complete.
PressPlay strongly recommends enabling MFA for all users:
Log into PressPlay
Click your profile icon in the top right
Select Account Settings
Click Enable Multi-Factor Authentication
Choose your MFA method:
Authenticator App - Google Authenticator, Authy, etc.
SMS - Receive codes via text message
Email - Receive codes via email
Follow the setup instructions for your chosen method
Enter a verification code to confirm setup
Save recovery codes in a secure location
Organization admins can require MFA for all users:
Go to Organization Settings > Security
Enable Require Multi-Factor Authentication
Choose enforcement policy:
All Users - Everyone must use MFA
Admins Only - Only admin users require MFA
New Users - Only new users are prompted to set up MFA
Save changes
Users without MFA will be prompted to set it up on their next login.
PressPlay sessions have the following characteristics:
Active Session - Remains valid while you're actively using the application
Idle Timeout - Sessions expire after 24 hours of inactivity
Maximum Duration - Sessions automatically expire after 7 days regardless of activity
Remember Me - Optional setting to extend session duration to 30 days
To log out of PressPlay:
Click your profile icon in the top right
Select Log Out
You'll be returned to the login page
Logging out invalidates your session token immediately.
Auth0 Organizations map directly to PressPlay organizations:
Isolated Access - Each organization's data is completely separate
Multi-Organization Users - Users can belong to multiple organizations (agencies, consultants)
Organization Switching - Easy switching between organizations if you have access to multiple
Branded Login - Enterprise customers can customize login screens with their branding
Problem: Unable to access your account
Solutions:
Verify you're using the correct email address
Check if Caps Lock is enabled when entering password
Try password reset if you've forgotten your credentials
Clear browser cookies and cache, then try again
Try a different browser or incognito mode
Contact your organization admin to verify your account status
Problem: Invitation link no longer works
Solutions:
Contact your organization admin to resend the invitation
Check if you already have an account - try logging in instead
Verify you're clicking the most recent invitation if multiple were sent
Problem: Cannot access MFA codes or codes not working
Solutions:
Ensure your device's time is synchronized (critical for authenticator apps)
Use recovery codes saved during MFA setup
Try alternative MFA method if configured (SMS, email, etc.)
Contact PressPlay support to reset MFA if recovery isn't possible
Problem: "Access denied" or "Insufficient permissions" messages
Solutions:
Verify your user role with your organization admin
Confirm you're accessing the correct organization
Try logging out and back in to refresh permissions
Contact admin if you believe you should have access
To maintain secure access to PressPlay:
Strong Passwords - Use unique passwords with 12+ characters, mix of types
Enable MFA - Always use multi-factor authentication when available
Regular Updates - Keep authenticator apps and devices updated
Secure Recovery Codes - Store MFA recovery codes in a password manager
Log Out on Shared Devices - Always log out when using public or shared computers
Report Suspicious Activity - Contact support immediately if you notice unauthorized access
Review Sessions - Periodically review active sessions in account settings
Avoid Password Sharing - Never share credentials with teammates
Auth0 and PressPlay maintain strict security and privacy standards:
Data Encryption - All authentication data encrypted in transit and at rest
SOC 2 Type II - Auth0 is SOC 2 certified
GDPR Compliant - Full compliance with European data protection regulations
HIPAA Available - For enterprise customers with healthcare compliance needs
Regular Audits - Periodic security audits and penetration testing
Minimal Data Collection - Only necessary authentication data is stored
If you need assistance with authentication:
Password Reset - Use "Forgot Password" link on login page
Organization Admin - Contact your admin for access and permission issues
PressPlay Support - Reach out to support for technical authentication problems
Auth0 Status - Check Auth0's status page if you suspect service issues
Auth0 authentication provides PressPlay with enterprise-grade security while maintaining a seamless user experience. By leveraging Auth0's robust infrastructure, PressPlay ensures your sensitive app data and experiment results are protected by industry-leading authentication protocols, customizable access controls, and comprehensive security features. Whether you're a solo developer or a large enterprise team, Auth0's flexible architecture scales with your needs while maintaining the highest security standards.
