Every new RIPA Expenses user receives a confirmation e-mail inviting them to set up their RIPA account. The process is referred to as "confirming" the account, since it proves that the user received the e-mail (so their e-mail address is correct) and does want to use RiPA Expenses (because they elect to follow the confirmation process).
The very first user set up in your RIPA company account is always initially the administrator for that account. The administrator gets the same confirmation e-mail too, but they will be led through some first-time setup steps during account confirmation that other users don't see.
Starting account confirmation
The top of the e-mail looks a bit like the screenshot below.
The user clicks or taps on the orange "Confirm e-mail" button to proceed - this launches the RIPA Expenses web app in your preferred system web browser. Administrators will then see the first-time setup wizard.
First-time setup wizard - welcome page
While the wizard can work on mobile phones or other small-screen devices, it is recommended that you step through the wizard on a larger screen device such as a large tablet, laptop, or desktop computer - it's just less fiddly.
The welcome page just contains some introductory text and looks a bit like this:
Each step of the wizard is advanced using the "Next" button.
Navigation
Once you move past the welcome page, you'll notice the navigation strip above the wizard changes, with previously completed steps shown in green.
The green entries are clickable links, letting you go back to previous steps if you want to double-check something or change your mind about a prior setting.
Geography settings
The second wizard step checks your default language, main time zone and financial year choices. This needs to be correct from the get-go for all sorts of reasons, well before any other users are onboarded and start creating claims that might be tagged in, say, the wrong time zone.
The third wizard step can present itself differently depending on how your RIPA Expenses company account was set up. In this step, you describe how you want your users to sign into their RIPA Expenses accounts.
Self-signup accounts
Choosing a sign-in method
Users can sign in using their e-mail address and with a RIPA Expenses password if you wish. Account confirmation for your users is then a matter of setting up a password.
However, most companies already have employee accounts in a system such as Google Business Suite or Microsoft Entra (which used to be called Azure AD) and besides, nobody wants to have to remember yet another password if it can be avoided! You can choose from some supported external sign-in services instead of using a RIPA password. User confirmation involves being sent to the chosen service; the user signs in with their existing credentials; and as a result of this a connection is made between that service and the RIPA Expenses account.
Choose the sign-in method you want from the drop-down menu. An area in blue below tells you a bit more about what this means. Here's what it looks like if you do decide to use a RIPA password for sign-in:
Different providers show different things. If you choose Google, you'll see something like this:
Some providers require extra information. For example, Okta is a little involved. It will ask for three pieces of information, as shown below:
You can find out how to obtain the values needed for Okta by reading this Okta setup guide.
Once you've chosen and, if necessary, configured your sign-in service, click or tap on the "Next" button to now confirm your own administrator account using that service.
Confirming sign-in for your administrator account
This last step of the wizard shows you the same things that subsequently-added users see for their own simplified account confirmation process.
If you're using RIPA sign-in, you will need to enter a password, typing it in twice to make sure that there aren't any typing errors the first time:
Passwords, as you might expect, have minimum-complexity rules which will warn you, as you type, if things aren't long enough, or have easy-to-guess patterns (such as '1234', or 'abcd'). Do not reuse passwords from other web sites.
We don't enforce rules such as requiring particular punctuation marks, capital or lower-case letters, numbers or similar; we only require that the password is at least a minimum length and judged to be sufficiently complex for good security.
If all goes well, you'll be taken back to the login page with a success message and asked to now sign in using your e-mail address and new password. We take this extra step just so you can make sure that you do remember that new password and it does work as expected. Once logged in, please start following the day one guides. If you encounter login trouble at this point, please contact RIPA Support immediately.
If you're using an external sign-in service, you'll see a button that you click or tap on to launch a popup (or new web browser tab, depending on how your web browser works) which asks you to sign into that service - Google, in the example below:
You must check to make sure that this is indeed the service you selected; you should be entering your login details for that service into a web page presented by that service, not a web page presented by RIPA. We will never know the details you use to sign in, other than requiring the e-mail addresses to match.
If all goes well, you'll now be signed into RIPA Expenses and should now follow the day one guides. If you encounter login trouble at this point, please contact RIPA Support immediately.
Accounts created by RIPA Support
If RIPA Support created your RIPA company account and configured it to only support a single way for users to sign-in, then things will look the same as they do in the above description for self-signup users - you should read that information to find out more. If, however, you requested that more than one method be made available, then the information below is relevant to you.
List of sign-in methods
Available sign-in methods are listed in this step of the wizard, but you can't change them. You'll see something like this:
The "RIPA" method lets users set up a new RIPA Expenses password. They subsequently log in using their e-mail address and that password. Other methods are external services which are useful if you already have employees signing into company accounts in the Google Business Suite or Microsoft Entra (which used to be called Azure AD). These are generally recommended over a RIPA password since your users are already used to signing in that way, and nobody wants to remember yet another password if it can be avoided!
Some services may require additional confirmation information before you can continue. For example, Okta is a little involved. It will ask for three pieces of information, as shown below:
You can find out how to obtain the values needed for Okta by reading this Okta setup guide.
Once you've chosen and, if necessary, configured your sign-in service, click or tap on the "Next" button to now confirm your own administrator account using which ever sign-in approach you prefer.
Confirming the sign-in method for your administrator account
This last step of the wizard shows you the same things that subsequently-added users see for their own simplified account confirmation process.
There may be one or more buttons that let you decide to confirm with an external services - in this case, "Sign in with Google" or "Sign in with Okta" - and there may be, if RIPA passwords are supported, a password type-in field with confirmation field below, where you repeat the same password to make sure that there aren't any typing errors.
You can pick any one of these methods. Which ever one you choose is the one you always use thereafter to sign into your RIPA Expenses account.
Passwords, as you might expect, have minimum-complexity rules which will warn you, as you type, if things aren't long enough, or have easy-to-guess patterns (such as '1234', or 'abcd'). Do not reuse passwords from other web sites. We don't enforce rules such as requiring particular punctuation marks, capital or lower-case letters, numbers or similar; we only require that the password is at least a minimum length and judged to be sufficiently complex for good security.
If you instead use an external service via a "Sign in with..." button, a popup or new browser tab (or new web browser tab, depending on how your web browser works) opens which asks you to sign in using that service. You must check to make sure that this is indeed the service you selected; you should be entering your login details for that service into a web page presented by that service, not a web page presented by RIPA. We will never know the details you use to sign in, other than requiring the e-mail addresses to match.
- Once you've set a password, you'll be asked to sign in using it. We take this extra step just so you can make sure that you do remember that new password and it does work as expected.
- If you use an external sign-in service, then once you've signed in there, you're sent back to RIPA Expenses already signed in and ready to go.
If all has gone well and you're now signed in, please now follow the day one guides. If you encounter login trouble at this point, though, please contact RIPA Support immediately.