Logging In & Passwords
Accessing Your Account
Sign in at app.scopestack.io . If your organization uses SSO, you will be redirected to your identity provider instead of seeing the standard login form.
Don’t have an account yet? Request a demo to learn more about the platform and get access to a trial.
How Users Are Added
Users are added to ScopeStack by an account administrator. There are three ways a user gets access:
- Invitation email: An admin creates the user in Settings > Users & Groups > Users and ScopeStack sends an invitation email. The user clicks the link to set their password and log in.
- SSO auto-provisioning: If your account uses SAML SSO, new users are created automatically when they sign in through your identity provider for the first time. They receive the account’s default role.
- API provisioning: Users can be created programmatically through the ScopeStack API.
User Types
Each user is assigned a type that determines their license tier and access level:
| Type | Description |
|---|---|
| Licensed | A paid user with full edit access. Counts against your license limit. |
| Sales | A paid user with limited ability to check project status and use the Sales app. |
| Service | A free service account that can access the API but not the application UI. |
| View Only | A free user with read-only access to projects they are added to as teammates. |
User types are set when creating or editing a user in Settings > Users & Groups > Users.
Password Requirements
Passwords must have a minimum of 8 characters, including at least:
- One uppercase letter
- One lowercase letter
- One number
- One symbol (!,@,#,etc)
Password Expiration
Password rotation is configurable per account. Your administrator sets the rotation interval in Account Settings. The default is 90 days. When set to 0, password rotation is disabled entirely.
SSO users are exempt from password expiration. If a user authenticates through an identity provider, password age is never checked.
Changing Your Password
Go to My Account (top-right menu) to change your password. You will need to enter your current password and then your new password twice to confirm.
Account Lockout
If a user enters their password incorrectly 5 times, their account is locked. Contact Support via chat or email at support@scopestack.io to have it unlocked.
Session Timeout
Sessions expire after 4 hours of inactivity. After timeout, you will be redirected to the login page. If your organization uses SSO, re-authentication is typically seamless.
Resetting a Forgotten Password
Click Forgot your password? on the login page to receive a password reset email. The reset link is valid for 6 hours.
SAML-based SSO
Your organization can use a SAML identity provider (Okta, Microsoft Entra ID, Google Workspace, etc.) instead of ScopeStack passwords. SSO users bypass password requirements and expiration entirely. See Single Sign-On (SSO) for setup details.