Customer Getting Started Guide
This guide is a step-by-step walkthrough of the SHI One onboarding process. Note that the person who performs this onboarding process will be designated as the Admin responsible for setting up the account.
The onboarding process has three parts:
- Complete the SHI One Organization Registration
- Choose how your organization's Users will sign in
- Set up Security Groups
If your organization's SHI One account has already been set up, jump ahead to the First Time Login for Users section below.
Use Chrome, Edge, or Firefox as your browser. Internet Explorer is not supported.
- When you receive the SHI One Portal Onboarding email, click the Start Onboarding Process button
- Confirm your email address
- A verification code is sent to you email, which you then confirm
- Fill in the SHI One Organization Registration
- Choose how your organization's Users will sign in:
- Microsoft Office 365/Azure AD SSO (Recommended)
- Google SSO
- Register New SHI One User Accounts
If you select Microsoft SSO, you will be asked if you are an O365/Azure AD admin:
- If you ARE an O365/Azure AD admin, you can authorize the SSO connection by clicking the Grant Tenant-Wide Admin Consent to SHI One button
- If you are NOT an O365/Azure AD admin, send the below URL to your organization's O365/Azure admin (usually someone on your IT team) to authorize the application on your behalf:
The O365/Azure admin's email address must match the organization's email in SHI One.
- If the email for the account in SHI One is @bird.com then the O365/Azure admin's email must also be @bird.com
- If the email for the account in SHI One is @bird.com but the O365/Azure admin's email is @bird.onmicrosoft.com, they will not be able to grant permission or sign in to SHI One
To grant SSO permissions to SHI One, you have two options:
- If you are a Google admin, sign in to Google and authorize the SHI One application
- If you do not have permission to grant authorization yourself, contact your organization's Google admin (usually someone on your IT team) to authorize the application on your behalf
The Google admin's email address must match the organization's email in SHI One.
- If the email for the account in SHI One is @bird.com then the admin's email must also be @bird.com
- If the email for the account in SHI One is @bird.com but the Google admin's email is @bird.google.com, they will not be able to grant permission or log into SHI One
Choosing this option requires all Users to manually register their accounts the first time they sign in.
- Fill out the SHI One Organization Registration
- Verify the registration
- Click on Register an Account
- Verify your email
- Sign in
Once these steps are complete, scroll to All About Security Groups below to complete the onboarding process.
Onboarding is not complete until Security Groups are configured.
Use Chrome, Edge, or Firefox as your browser. Internet Explorer is not supported.
- Click the login option used by your organization
- If you don't know which option to use, first try the Microsoft login option, then the Google login option
- If the Microsoft and Google login options haven't yet been activated by your organization's admin, click the SHI ONE login option
- At the bottom of the menu, click Don't have a login? Register an account
- Type in your email address and desired password
- Click Register
- If you see 'Error: The user already exists', click 'Already have a login? Log in to your account' then click 'Forgot Password?'
- Check your email inbox for a verification email
- Follow the instructions in the verification email to finish registering your login
- Sign in to SHI One using the SHI ONE login option
If you try to sign in using the Microsoft login option and see a message similar to the following:
This means your organization has not yet granted SHI One the necessary SSO permissions. Send this URL to an O365/Azure admin in your organization (usually someone on your IT team) to authorize the application on your behalf:
Once permission is granted, you will sign in using the Microsoft SSO option. Until then, select the SHI ONE login option, click 'Don't have a login? Register an account', complete the registration process, then sign in to SHI One using the SHI ONE login option.
This means your organization's SHI One Admin has not yet approved your SHI One profile. Your organization's SHI One Admin can approve your profile by following these steps:
- Navigate to Settings -> User Management
- Click the Awaiting Approval tab
- To the right of each email address, click the Role drop-down and choose either User or Admin
- Click the Save button in the upper right
Once your organization's SHI One Admin has approved your profile, you will be able to sign in.
A Security Group is a designated group of Users who have permission to see specific contracts or features in SHI One. Security Groups must be set up in order to complete the onboarding process.
- Admins can create and assign permissions for specific contracts to different Security Groups
- Admins can add new and existing Users to Security Groups
- Users must be assigned to a Security Group before they can view any data in SHI One
- Admins can view and access all data in SHI One by default
- All Users must be assigned to a Security Group in order to submit Support Requests
- Users can only submit Requests for the contracts, permissions, and accounts associated with their assigned Security Group(s)
- Admins can designate a Security Group Manager for each Security Group; that Security Group Manager can add existing Users to that specific Security Group
- Admins and Security Group Managers will be notified about any Security Group configuration issues that may lead to Users being unable to submit Support Requests
- Clicking on the notification will bring you to that Security Group's page
If a User cannot see data in SHI One, it means they have not been added to a Security Group. Users can only view data for the contracts, permissions, and accounts associated with their assigned Security Group(s).
Only Admins can set up Security Groups.
- Click on Settings -> Security Groups
- If needed, scroll down to the bottom of the page and click Enable Security Groups
- On the Options column, click the blue + icon
- Enter a name for that Security Group
- Click Create
- After hitting Create, click on the new Security Group
- Go to the Contracts tab
- Click +Add Contracts
- In the Add Contracts pop-up, select the contracts in the left column that you want to assign to this Security Group
- Click the > arrow to move those contracts to the right column
- Click Add Contracts to save your selections
- Click the blue gear icon to the right of each contract and choose which Request Categories for which Users will be allowed to submit Support Requests
- Select the specific subscriptions/accounts in the left column that this Security Group will access
- Click the > arrow to move those subscriptions/accounts to the right column
- Click Save
- Click on the Permissions tab and check/uncheck the permissions that will be granted to Users in this Security Group
- Click on the Users tab
- Click +Add Users on the right
- In the same way you added Contracts, select users in the left column and click the > arrow to move them to the right column
- Click Add Users to save your choices
- Determine each User's permissions by assigning them the Manager or Member Role
- The default Role is Member
You can remove Users from a Security Group at any time by clicking the red trash can icon to the right of their name.
Only Admins can add, edit, and remove Users.
- On the lefthand sidebar, navigate to Settings -> User Management
- Click Add User on the right
- Fill in the new User's information and designate their role as User or Admin
- Click Next
- Assign the User to all necessary Security Groups
- Click Save
- On the lefthand sidebar, navigate to Settings -> User Management
- Select the desired User group; you will always see the Active and Inactive groups, but you might see up to two other groups if Users are pending or awaiting approval
- Active Users: Users who have set up their profiles and can access SHI One
- Awaiting Approval: Users who have not yet been approved; an Admin must manually approve these Users in order for them to access SHI One
- Pending Profiles: Users who have been approved but who have not yet signed in to set up their profile
- Inactive Users: Users who cannot access SHI One
- Click the orange pencil icon to the right of the User
- Edit the User's Status, Role, first name, last name, and/or Security Group assignments as needed
- Click Save
Note: A User's email address cannot be changed within SHI One as it is tied to multiple elements in the portal such as Devices and Support Requests. To change a User's email address, submit a Support Request and include the User's current email address and the new email address.
There are three Roles within SHI One: User, Security Group Manager, and Admin.
Admins can edit a User's Status, Role, first name, last name, and Security Group assignments as needed by navigating to Settings -> User Management, clicking the orange pencil icon to the right of a User, making the desired changes, and clicking Save.
Users are able to:
- View data for only the contracts, permissions, and accounts associated with their assigned Security Group(s)
- Submit Support Requests for only the contracts, permissions, and accounts associated with their assigned Security Group(s)
- View only their own Support Requests
- View information for only their own Devices
- Access this SHI One Knowledge Base
Security Group Managers are able to:
- Add existing Users to their assigned Security Group(s)
- Granting Manager permissions within their assigned Security Group(s)
- Remove existing Users from their assigned Security Group(s)
- Be notified of configuration issues that may need to be escalated for their assigned Security Group(s)
- Access this SHI One Knowledge Base
Admins can designate Security Group Managers for each Security Group.
Admins have all User and Security Group Manager permissions, plus are also able to:
- Support Center
- View and update all Support Requests
- View information regarding all Devices
- View information/usage/consumption on all contracts and services
- Be notified of configuration issues that may need to be escalated
- Settings
- Generate a Microsoft SSO organization-wide consent link (if applicable)
- Update white label options for the SHI One portal (e.g. logo, etc.)
- Add new Users to their account
- Edit existing Users on their account
- Change a User's status to Inactive, which removes that User's access to SHI One
- Change User Roles and assign Admins
- Create and enable Security Groups
- Add, edit, and remove all Users across all Security Groups
- On the lefthand sidebar, navigate to Support Center -> New Request
- Select the applicable Request type:
- Service Request: Initiates a new service action for a deliverable service
- Change Request: For the addition, modification, or removal of anything that could impact a service
- Report an Incident: For unplanned interruptions or reduction in quality of a service
- Select the applicable Contract
- Select an Issue Type
- Select a Sub-Issue Type
- Provide a Subject
- Provide a Description
- Attach screenshots and/or supporting files
- Click Submit
No. It is not possible to submit a Support Request if Security Groups have not been set up.
If you cannot submit a Support Request, it means your Admin has not added you to the necessary Security Group(s). Users can only submit Requests for the contracts, permissions, and accounts on Security Group(s) they are assigned to.
Contact your organization's SHI One Admin and have them add you to the necessary Security Group(s).
In order to view your Azure subscription data in SHI One, you must first grant SHI One permission to access the data in Azure.
Visit the Installing Azure Marketplace Applications page for step-by-step instructions on how to complete this process. Note that the person who performs this process must be an SHI One Admin and also an Owner to the Azure subscription(s) being delegated.
- Note that Azure GovCloud is not supported in SHI One
- Note that Azure Web Direct subscriptions are not supported in SHI One; cost reporting and consumption data will not display for Web Direct subscriptions
If you see this error, hover over the ! for instructions on how to fix the configuration.
Log the error with screenshots and written details. Navigate to Support Center -> New Request -> Report an Incident.
Fill out the form with as much information as possible about the error, attach any screenshots, and submit the Support Request.
All Users must be assigned to a Security Group in order to submit Support Requests. Users in a Security Group can only submit Requests for the contracts, permissions, and accounts that have been assigned to that specific Security Group.
If you can't submit Support Requests, contact your organization's SHI One Admin and have them add you to the necessary Security Group(s).
In order to view your Azure subscription data in SHI One, you must first grant SHI One permission to access the data in Azure. Visit the Installing Azure Marketplace Applications page for step-by-step instructions on how to complete this process.
SSO can be enabled at any time. The process must be performed by an Admin.
- Sign in to SHI One and navigate to Settings -> General
- To the right of Microsoft Domain Consent, click the Consent button
- This step changes depending on if the SHI One Admin is also the organization's Microsoft admin:
- If you ARE a Microsoft admin, you will be able to sign in to Microsoft and grant SHI One consent to enable the SSO
- If you are NOT a Microsoft admin, you will see a link; send that link to your organization's Microsoft admin (usually someone on your IT team) who can grant consent to enable the SSO
- Once consent has been granted by the Microsoft admin, all Users will use the Microsoft SSO login option to sign in to SHI One
If you try to sign in using the Microsoft login option and see a message similar to the following:
This means your organization has not yet granted SHI One the necessary permissions. Send this URL to an O365/Azure admin in your organization (usually someone on your IT team) to authorize the application on your behalf:
Once permission is granted, you will sign in using the Microsoft login option. Until then, select the SHI ONE login option, click 'Don't have a login? Register an account', complete the registration process, then sign in to SHI One using the SHI ONE login option.
This means your organization's SHI One Admin (usually someone on your IT team) has not yet approved your SHI One profile. Your organization's SHI One Admin can approve your profile by following these steps:
- Navigate to Settings -> User Management
- Click the Awaiting Approval tab
- To the right of each email address, click the Role drop-down and select either User or Admin
- Click the Save button in the upper right
Once your organization's SHI One Admin has approved your profile, you will be able to sign in.
Try the following troubleshooting steps in order:
- Make sure you are using Chrome, Edge, or Firefox as your browser; Internet Explorer is not supported
- Clear all cookies and site data for SHI One
- If you don't know which login option your organization uses, click the Microsoft login option, then the Google login option, then the SHI One Register an Account option
- If the Register an Account option says you already have an account, click the SHI One 'Forgot Password?' option
- Try to sign in using a different browser
If the steps above do not resolve the issue, send an email to [email protected] and include the following information:
- The name of your organization
- The email address you're trying to sign in with
- The browser(s) you have tried to sign in on
- The login method(s) you have tried (Microsoft, Google, SHI One)
- Screenshots of what you see after you try to sign in
- Any other relevant information; the more information you provide, the faster the support team will be able to diagnose and fix the issue
SHI One accounts by default are associated with one single email domain; all Users with that email domain are able to self-service sign in. In order to add a second email domain, the Support Desk must create a User profile for someone whose email address uses the second email domain. Navigate to Support Center -> New Request -> Service Request and submit a ticket which includes the following information:
- Request that a second email domain be added to your account
- The user's email address with the second email domain
- The user's first and last name
- The user's phone number
- What role the user should have (User or Admin)
Visit the SHI One FAQ page for a complete list of the most frequently asked questions about SHI One.
