# Logging In

You can access ThousandEyes using either local login (email and password managed within ThousandEyes) or [Single Sign-On (SSO)](https://docs.thousandeyes.com/product-documentation/user-management/authentication/how-to-configure-single-sign-on-with-metadata) through your organization’s identity provider (IdP).

{% hint style="warning" %}
To ensure a seamless and secure login process, it is essential that your browser allows cookies from the following domains:

* webex.com - Cisco account leverages select technology and decades of security expertise from Cisco, Webex, and ThousandEyes to deliver a new, secure, and seamless login experience across Cisco platforms. Cisco account does not grant access to Webex products but because of the underlying technology, you may be required to allow cookies from the webex.com domain during login.
* cisco.com
* thousandeyes.com

These cookies are necessary to:

* Maintain your login session securely.
* Enable core functionality and personalized settings.
* Support authentication flows and access to collaboration tools.
* Provide enhanced performance and troubleshooting capabilities.

Blocking or disabling cookies from these domains might result in login issues, interrupted sessions, or degraded user experience.
{% endhint %}

To start the login process, you enter your email address. ThousandEyes uses this email to automatically identify your organization’s default authentication method and direct you to the appropriate login flow—either local login or Single Sign-On (SSO).

## Login Behavior by Organization SSO Settings and User Permissions

The login experience depends on your organization’s Single Sign-On (SSO) configuration and your user permissions. The table below summarizes how authentication works under different SSO settings:

|                                                              | Organization SSO Settings |                                             |                                    |
| ------------------------------------------------------------ | ------------------------- | ------------------------------------------- | ---------------------------------- |
| User Permissions                                             | Org SSO Disabled          | Org SSO Enabled, Force SSO Disabled         | Org SSO Enabled, Force SSO Enabled |
| Login via ThousandEyes login page                            | Prompted for Password     | Prompted for Password                       | Cannot log in                      |
| Login via ThousandEyes login page & Login via Single Sign-On | Prompted for Password     | Choice to proceed with Password or with SSO | Automatically directed to IdP      |
| Login via Single Sign-On                                     | Cannot log in             | Automatically directed to IdP               | Automatically directed to IdP      |

## Steps

Depending on your organization’s settings, you can log in using either local credentials or SSO. Use the steps that match your authentication method.

### Local Login

With the ThousandEyes local login, you are prompted to enter your email and then your local password. This method provides a quick setup process because it does not require integration with external identity providers.

1. On the [ThousandEyes login page](https://app.thousandeyes.com/login), enter your email address, select your desired region from the dropdown menu, and then click **Log In**.

   The region dropdown menu provides options for all users on the login page:

   * The **Default** option is preselected for everyone. It uses the ThousandEyes standard region routing rules. If your organization is in only one region, you will be routed to the default account group for that region.
   * If your organization spans multiple regions, or if you want to specify a region, select one of the available region options: **US1, US2, or EU**.

   <div data-gb-custom-block data-tag="hint" data-style="info" class="hint hint-info"><p>If you do not have an active user record in the selected region, you will see an error. You can then change the region or select the <strong>Default</strong> option to be routed automatically.</p></div>

   ![ThousandEyes login page](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-6903545f93f38fd5e4d487b85ccd8655dd6142c9%2Fthousandeyes-login-page-with-cisco-banner.png?alt=media)
2. On the sign-in screen, enter your password and continue—for example, click **Next** or **Log In**, depending on your screen.

   <div data-gb-custom-block data-tag="hint" data-style="info" class="hint hint-info"><p>Usernames and passwords are region-specific. For example, if you're logging in to the EU region, you must use your EU-specific credentials. If your credentials are the same across regions, you'll be logged into US1 by default and can switch afterward.</p></div>

   Upon successful authentication, you are redirected to your ThousandEyes organization.

   If your organization supports SSO and your user permissions allow it, you’ll land on the local login screen by default. You have the option to select **Log in with SSO** to authenticate through your identity provider.

   ![ThousandEyes sign-in screen with password field](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-8b15ea98f2971961d35f705d52c1b96cb4d97033%2Flogin-password-entry.png?alt=media)
3. (Optional) If your email or password is incorrect, an error message will appear.

   After three failed attempts, your account will be locked for 24 hours. For more information, see [Troubleshoot Login Errors](https://docs.thousandeyes.com/product-documentation/user-management/authentication/troubleshoot-login).

### SSO Login

With SSO login, ThousandEyes accepts your credentials from your registered identity provider. For more information on how to configure SSO, see [How to Configure Single Sign-On (SSO)](https://docs.thousandeyes.com/product-documentation/user-management/authentication/how-to-configure-single-sign-on-with-metadata).

1. On the [ThousandEyes login page](https://app.thousandeyes.com/login), enter your email address, select your desired region from the dropdown menu, and then click **Log In**.

   The region dropdown menu provides options for all users on the login page:

   * The **Default** option is preselected for everyone. It uses the ThousandEyes standard region routing rules. If your organization is in only one region, you will be routed to the default account group for that region.
   * If your organization spans multiple regions, or if you want to specify a region, select one of the available region options: **US1, US2, or EU**.

   <div data-gb-custom-block data-tag="hint" data-style="info" class="hint hint-info"><p>If you do not have an active user record in the selected region, you will see an error. You can then change the region or select the <strong>Default</strong> option to be routed automatically.</p></div>

   ![ThousandEyes login page](https://1112912342-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-M4QARF6s57qxMrOHDTZ%2Fuploads%2Fgit-blob-6903545f93f38fd5e4d487b85ccd8655dd6142c9%2Fthousandeyes-login-page-with-cisco-banner.png?alt=media)
2. Follow the login method based on your organization’s configuration:
   * If your organization uses [forced SSO](https://docs.thousandeyes.com/product-documentation/user-management/authentication/how-to-configure-single-sign-on-with-metadata#enabled-vs-forced-sso), you are automatically redirected to your identity provider to authenticate.
   * If your organization uses regular SSO and your user permissions allow it, you are taken to a login screen where you can choose to log in with SSO or continue with local login. Click **Log in with SSO** to continue with your identity provider, or enter your local credentials to continue with local login.
3. When redirected to your IdP's login page, enter your credentials and click **Enter**.

   Upon successful authentication, you are redirected to your ThousandEyes organization.

## Learn More

For potential login errors, see [Troubleshoot Login Errors](https://docs.thousandeyes.com/product-documentation/user-management/authentication/troubleshoot-login).