This topic provides information on the following:
- Logging in with InCommon Federated Account
Associating your eRA Commons account to your InCommon Federated account
Troubleshooting issues when associating your InCommon Federated account to your eRA account
Two-factor authentication for InCommon Federated Accounts (use of InCommon Federated accounts without two-factor authentication is not permitted)
Effective September 15, 2021, several thousand organizations are now available in the type-ahead search box for InCommon Federated accounts on the eRA Commons login screen. While many organizations appear in the list, they don't all support NIH’s two-factor authentication standards. To use an InCommon Federated account to login to Commons, your organization must support NIH’s two-factor authentication standards and you must have two-factor authentication setup for your organization’s account.
When you select an organization from the type-ahead search box and click the Login button, you will be redirected to the organization’s sign in site where you will complete the login process for the organization. If the organization supports NIH’s two-factor authentication standards, you will be prompted to complete their two-factor authentication login process, and if successful, you will automatically be redirected back to eRA Commons and automatically authenticated and logged in.
If your organization does not support NIH’s two-factor authentication standards and you do not have two-factor authentication setup for your organization’s account, you will not be able to login using your InCommon Federated account. There are several situations where you may receive an error message during the login process, and this depends upon the InCommon Federated organization and how they integrate with NIH Login.
After you select an organization from the type-ahead search box and click the Login button, you might receive an error message from NIH that says your organization does not support NIH’s two-factor authentication standards.
After you 1) select an organization from the type-ahead search box, 2) click the Login button, 3) and are redirected to the organization’s sign in site, you might receive an error message from the InCommon Federated organization that says your organization does not support two-factor authentication.
After you complete the login process for your organization, you might receive an error message from the InCommon Federated organization that says you have not set up two-factor authentication for your organization’s account.
If your InCommon Federated organization does not support NIH’s two-factor authentication standards and you do not have two-factor authentication setup for your organization’s account, you are required to use Login.gov; see Transitioning To and Using Login.gov.
Note that the two-factor authentication process and software used to support two-factor authentication varies across InCommon Federated organizations. Specific questions about your organization’s ability to support NIH’s two-factor authentication standards or the availability of two-factor authentication for your InCommon Federated account can be directed to your Organization Administrators. Compliance and contact information can be found here: https://auth.nih.gov/CertAuthV3/forms/help/compliancecheckhelp.html
InCommon Federated accounts, previously limited to only eRA scientific accounts, is now opened up to eRA administrative accounts effective September 15, 2021. However, if you have more than one eRA administrative account, wait to switch any of your administrative accounts as eRA is working on a solution that will support users with multiple eRA accounts that should be available in early 2022.
For further information, see Two-Factor Authentication: Access eRA Modules via an InCommon Federated Account.
- Navigate to the Commons login page.
- In the Login with Federated Account section of the login page, type part of your organization's name, then select the appropriate organization from the dropdown. Because the list is long, the dropdown is a type-ahead field, meaning you type all or part of your organization's name and a shorter list drops down, showing only those options that match the text you entered.
- Click the Login button.
- You are redirected to the InCommon Federated organization’s login site, where your organization's sign in page displays.
- Enter your InCommon Federated organization account credentials (e.g., username and password).
If two-factor authentication is setup and enabled for your account, you will be prompted to complete the two-factor authentication process for the InCommon Federated organization.
NOTE: The two-factor authentication process and screens are managed by your own organization and not by eRA. If you do not know your credentials at your organization or you are having trouble with your organization's login screen, you will need to contact your organization. The eRA service desk cannot help you with this screen.
After successfully logging into your organization’s account using two-factor authentication, you will be redirected back to eRA Commons. If eRA determines that your organization’s account is already associated with your eRA account, you will be successfully logged into Commons and can start using the system without having to log in again.
If your organization account is not linked to your eRA account, you will be prompted to associate your InCommon Federated account with your eRA account. See the next section.
If eRA determines that your organization’s account is not associated with your eRA account, you will be prompted to do so via the Associate your eRA Account screen. This is a one-time process.
Before You Associate Your eRA Account With Your InCommon Federated Account
• Make sure your eRA Commons account is active and you know your account password; if you are unsure of either, then use the Forgot Password/Unlock Account link in the blue INFORMATION box of the screen; see screenshot above. The Reset Password screen displayed will ask for your User ID (your eRA Commons username that you use to log into Commons) and email address.
• Also, ensure that you not are not using old bookmarked URLs to access eRA Commons. The URL for eRA Commons is https://public.era.nih.gov/commons/.
• Make sure you have an active account with an organization that participates with the InCommon Federation and you know your password. Your organization must support NIH’s two-factor authentication standards and you must have two-factor authentication enabled for your account.
To associate your eRA account with your Incommon Federated Account:
- In the Associate Your eRA Account screen, enter your eRA Commons User ID and password.
- Click the Continue button.
If successful, your eRA account will be associated with your organization's account, and you will be successfully logged into Commons and can start using the system without having to login again.
Now that you have completed the one-time association process, you will be able to log into Commons using your InCommon Federated Account without having to enter your eRA account username and password. You will only need to sign into your organization’s account using two-factor authentication.
If eRA cannot authenticate the Commons User ID or password you provided, the following message will display:Either the information entered is invalid or you are not enrolled in the eRA Commons. To keep your information secure, we may lock your account if you continue to enter incorrect login information. Please see your organization's account administrator for assistance (ID: 200523).
Other issues might prevent eRA from associating your accounts. Please read all messages and tips that appear on the screen during this process. You may also refer to the section below titled Why Can't I Associate My InCommon Federated account to My eRA account?.
If you are with an organization participating in the InCommon Federation, but you are having trouble associating your eRA account with your organization’s account, one of the following scenarios might be the issue:
If you have not yet created your own eRA account password and are attempting to associate your accounts using the system-assigned, temporary password for your eRA account, you will receive an error. You must change your eRA account password to one of your choosing before you can associate your accounts.
To do so, navigate to the Commons home page. Use the Commons Login fields to log into Commons with your Commons ID and temporary password. You should be prompted to change the password.
After successfully changing your eRA account password, log back in following the steps described in Accessing Commons with Your Organization Credentials.
You will not be able to associate your accounts if your eRA account password is expired. Navigate to the Commons home page. Use the Commons Login fields to log into Commons with your expired password. Commons will present the Change Password screen on which you can update your password.
After successfully changing the password for your eRA account, log back in following the steps described in Accessing Commons with Your Organization Credentials.
You can reset your eRA account by clicking the Forgot Password/Unlock Account link on eRA Commons home page. Commons will generate a new, temporary password for you.
Once you follow the steps for changing the temporary password for your eRA account to one of your choosing, you can log back in following the steps described in Accessing Commons with Your Organization Credentials.
In all other cases, please contact the eRA Service Desk to resolve this issue.