System authentication / login
Preamble
To access our platform securely, every user must verify their identity through one of several supported authentication methods. These methods ensure that only authorized users can log in, while giving organizations flexibility in how they manage access.
Each authentication method has specific requirements. In most cases, the method you use is assigned to your account by your administrator and cannot be changed on your own. Please read the descriptions below to understand how each login method works and what you'll need to use it.
In case of any questions or issues you can request assistance from the Awery support department
Basic Login – (Login/Email and Password)
This is the standard login method for users with individually created accounts. You sign in using a registered email address (or a login) and a password that you set during the registration process or received from our team upon initial setup.
How it works: On the login page, you enter your email address (or a login) and password. If it’s valid system will let you in.

Important: Your email must match the one registered in the system. If you forget your password you can check our How to reset a password manual.
LDAP Login – Company Username and Password
If your organization uses LDAP (such as Microsoft Active Directory), your login credentials will be the same as those used within your internal systems.
How it works: Enter your corporate username and password on the login page. You will see also a special drop list of available LDAP hosts. If you stay with the General option, the system will log you in using basic login. To log in via LDAP, you need to select one of the LDAP hosts available to your system.

Important: The username must exactly match what’s registered on your company’s directory. Email addresses might not be used for login in this case. If a user exists in LDAP but not in AWERY ERP, or it is deleted in AWERY ERP, it will be automatically restored because LDAP is the data provider, and as long as it is valid, it will be valid for our system.
Google Authentication
Google Auth allows you to log in using your Google Workspace (company) or personal Gmail account.
How it works: Click the "Google" button on the login screen. You’ll be redirected to Google to authorize access. Then every step is under your control, and the authentication outcome is up to you. If Google verifies your Google account, the system will let you in.

Important: You must use the exact Google email that’s linked to your user account in the system. Login will fail if you try to sign in with an unregistered or different Google email.
Microsoft Authentication
This method lets you sign in using a Microsoft 365 or Azure Active Directory account. In general, the process is similar to the one provided by Google in its solution.
How it works: Click the Microsoft button and authenticate using your Microsoft credentials.

Important: You must use the exact Microsoft email that’s linked to your user account in the system. Login will fail if you try to sign in with an unregistered or different Google email.
Okta Authentication
Okta is an identity management service used by many enterprises to centralize access to internal and external applications.
How it works: Click the Okta button and you'll be redirected to your organization's Okta login page, where you authenticate using your usual company login credentials.

FIDO Authentication – Biometric or Hardware Key Login
FIDO allows secure, passwordless login using biometrics (like a fingerprint or facial recognition) or a physical security key.
How it works: After entering your registered username or email, you'll be prompted to authenticate using your biometric device or security key.

Important: The biometric or security key must be registered with your account in advance. You’ll also need a compatible device (e.g., a fingerprint scanner or USB key).
Other important information
Several authentication methods can be available for the same user, as determined by your user's personal settings and global system settings. Thus, if necessary, you can log in using either your standard login and password or your email address.
Two step verification
Additionally, you can set mandatory two-factor authentication for each user, which means that if you choose to authenticate via Google, Microsoft, or Octa, these providers will additionally require confirmation according to your personal settings, which Avery does not have access to. This can be a third-party application, confirmation by email, or a code sent via SMS.
Auth login only
As mentioned earlier, by default, none of the configured paths of authentication are restricted and the user can choose any. However, by additional configuration, which is for a specific user, you can block the login option via password or LDAP and then authorization will be available only through third-party providers.