Getting Started

Customer Getting Started Guide

43min

This guide is a step-by-step walkthrough of the SHI One onboarding process. Note that the person who performs this onboarding process will be designated as the Admin responsible for setting up the account.

The onboarding process has three parts:

  1. Complete the SHI One Organization Registration
  2. Choose how your organization's users will login
  3. Set up Security Groups

If your organization's SHI One account has already been set up, jump ahead to the First Time Login for Users section below.



First Time Login Process

Initial Account Setup Login for Admin

Use Chrome, Edge, or Firefox as your browser. Internet Explorer is not supported. 

  1. Click the Welcome Link emailed to you by your SHI One representative
  2. Verify your email address
  3. Complete the SHI One Organization Registration
  4. Choose how your organization's users will login
    • Microsoft O365/Azure AD SSO (Recommended)
    • Google SSO
    • SHI One manual account registration

Setting Up Microsoft O365/Azure AD SSO

To grant SSO permissions to SHI One, you have two options:

  1. If you are an O365/Azure AD admin, sign in to Microsoft and authorize the SHI One application
  2. If you do not have permission to grant authorization yourself, send the below URL to your organization's O365/Azure admin (usually someone on your IT team) to authorize the application on your behalf:

The O365/Azure admin's email address must match the organization's email in SHI One.

  • If the email for the account in SHI One is @bird.com then the Admin's email must also be @bird.com
  • If the email for the account in SHI One is @bird.com but the O365/Azure admin's email is @bird.onmicrosoft.com, they will not be able to grant permission or log into SHI One
    • To get a separate email domain added to your SHI One account, contact the Support Team

Setting Up Google SSO

To grant SSO permissions to SHI One, you have two options:

  1. If you are a Google admin, sign in to Google and authorize the SHI One application
  2. If you do not have permission to grant authorization yourself, contact your organization's Google admin (usually someone on your IT team) to authorize the application on your behalf

The Google admin's email address must match the organization's email in SHI One.

  • If the email for the account in SHI One is @bird.com then the Admin's email must also be @bird.com
  • If the email for the account in SHI One is @bird.com but the Google admin's email is @bird.google.com, they will not be able to grant permission or log into SHI One
    • To get a separate email domain added to your SHI One account, contact the Support Center

SHI One Manual Account Registration

Choosing this option requires all users to manually register their accounts the first time they sign in.

  1. Fill in the registration form
  2. Verify registration for SHI One
  3. Click on Register an Account
  4. Verify email
  5. Log in

Once these steps are complete, scroll to All About Security Groups below to complete the onboarding process.

Onboarding is not complete until Security Groups are configured.



First Time Login for Users

Use Chrome, Edge, or Firefox as your browser. Internet Explorer is not supported. 

  1. Navigate to https://One.SHI.com
  2. You will see the following login options

    • 

      Document image
      
  3. Choose the login option used by your organization
    • If your organization is not using the Microsoft login or Google login options, you must click SHI One -> Register an SHI One Account to manually register your account the first time you sign in, even if your account rep has already set up your profile in SHI One

'Approval Required', 'Needs Permission', or 'Requires Admin Approval'

If you try to sign in using Microsoft login option and see a message similar to the following:

Document image

Document image




This means your organization has not yet granted SHI One the necessary permissions. Send this URL to an O365/Azure admin in your organization (usually someone on your IT team) to authorize the application on your behalf:

Once permission is granted, you will sign in using the Microsoft SSO option. Until then, select the SHI ONE login option, click 'Don't have a login? Register an account', complete the registration process, then sign in to SHI One using the SHI ONE login option.

'Your account is pending approval from your Company administrator'

This means your organization's SHI One admin (usually someone on your IT team) has not yet approved your SHI One profile. Your organization's SHI One admin can approve your profile by following these steps:

  1. Navigate to Settings -> User Management
  2. Click the Awaiting Approval tab
  3. To the right of each email address, click the Role drop-down and select either User or Admin
  4. Click the Save button in the upper right

Once your organization's admin has approved your profile, you will be able to sign in.



All About Security Groups

A Security Group is a designated group of users who have permission to see specific contracts or features in SHI One. Security Groups must be set up in order to complete the onboarding process.

  • Admins can create and assign permissions for specific contracts to different Security Groups
  • Admins can add new and existing users to Security Groups
    • Users must be assigned to a Security Group before they can view any data in SHI One
    • Admins can view and access all data in SHI One by default
  • All users must be assigned to a Security Group in order to submit Support Requests
    • Users can only submit Requests for the contracts, permissions, and accounts associated with their assigned Security Group(s)
  • Admins can designate a Security Manager for each Security Group; that Security Manager can add existing users to that specific Security Group
  • Admins and Security Managers will be notified about any Security Group configuration issues that may lead to users being unable to submit Support Requests
    • Clicking on the notification will bring you to that Security Group's page

If a user cannot see data in SHI One, it means they have not been added to a Security Group. Users can only view data for the contracts, permissions, and accounts associated with their assigned Security Group(s).



Security Group Setup

STEP 1: Creating a Security Group

  1. Click on Settings -> Security Groups
  2. Scroll down to the bottom of the page and click Enable Security Groups
  3. Click the + sign
  4. Enter a name for that Security Group
  5. Click Create
Document image


STEP 2: Adding Contracts

  1. After hitting Create, click on the new Security Group
  2. Go to the Contracts tab
  3. Click +Add Contracts
  4. In the Add Contracts pop-up, select the contracts in the left column that you want to assign to this Security Group
  5. Click the > arrow to move those contracts to the right column
  6. Click Add Contracts to save your choices
Document image


STEP 3: Setting Permissions

  1. Click the blue gear icon to the right of each contract and choose which Request Categories for which users will be allowed to submit support requests
  2. Select the specific subscriptions/accounts in the left column that this Security Group will access
  3. If there is a Next button, click it to see the next page of contracts
  4. Click the > arrow to move those subscriptions/accounts to the right column
  5. Click Done/Save
  6. Click on the Permissions tab and check/uncheck the permissions that will be granted to users in this Security Group
Document image

Document image


STEP 4: Adding Users to Security Groups

Adding Existing Users

  1. Click on the Users tab
  2. Click +Add Users on the right
  3. In the same way you added Contracts, select users in the left column and click the > arrow to move them to the right column
  4. Click Add Users to save your choices
  5. Determine the users' permissions by assigning them the Manager or Member role
    • The default role is Member
Document image


Adding a New User

  1. On the lefthand sidebar, navigate to Settings -> User Management
  2. Click Add User on the right
  3. Fill in the new user's information and designate their role as User or Admin
  4. Click Next
  5. Assign that user to all necessary Security Groups, assign them the Member or Manager role for each Group, and click Save
  6. Click Save

Note: A user's Role and User Name may be modified at any time.

To modify a user's Email Address, a request must be submitted to the Support Center as their email address is directly tied to multiple elements such as Devices and Support Requests.

Removing Users

You can remove users from a Security Group at any time by clicking the red trash can to the right of their name.



Roles

There are three user roles within SHI One: User, Security Group Manager, and Admin.

Admins can edit a User's Role, Status, first name, last name, and Security Group assignments as needed by navigating to Settings -> User Management, clicking the orange pencil icon to the right of a user, making the desired changes, and clicking Save.

Users

Users are able to:

  • View data for only the contracts, permissions, and accounts associated with their assigned Security Group(s)
  • Submit Support Requests for only the contracts, permissions, and accounts associated with their assigned Security Group(s)
  • View only their own Support Requests
  • View basic information for only their own Devices
  • Access the User Knowledge Base

Security Group Managers

Security Group Managers are able to:

  • Add existing users to their assigned Security Group(s)
  • Give existing users Manager permissions within their assigned Security Group(s)
  • Remove existing users from their assigned Security Group(s)
  • Be notified of configuration issues that may need to be escalated for their assigned Security Group(s)

Admins can designate Security Group Managers for each Security Group

Admins

Admins have all User and Security Group Manager permissions, plus are also able to:

  • Support Center
    • View and update all Support Requests across the organization
    • View information regarding all Devices across the organization
    • View information/usage/consumption on all Contracts across the organization
    • Be notified of configuration issues that may need to be escalated
  • Settings
    • Generate a Microsoft/Azure SSO organization-wide consent link (if applicable)
    • Update white label Options for the SHI One portal (i.e. logo, etc.)
    • Add new users to their account
    • Edit existing users on their account
    • Change a user's status to Inactive, which removes that user's access to SHI One
    • Change user Roles and assign Admins
    • Create and enable Security Groups
    • Add, edit, and remove all users across all Security Groups


How to Submit a Support Request

  1. On the lefthand sidebar, navigate to Support Center -> New Request
  2. Select the applicable Request type:
    • Service Request: Initiates a new service action for a deliverable service
    • Change Request: For the addition, modification, or removal of anything that could impact a service
    • Report an Incident: For unplanned interruptions or reduction in quality of a service
  3. Select the applicable Contract
  4. Select an Issue Type
  5. Select a Sub-Issue Type
  6. Provide a Subject
  7. Provide a Description
  8. Attach screenshots and/or supporting files
  9. Click Submit

Can I Submit a Support Request Without Setting Up Security Groups?

No. It is not possible to submit a Support Request if Security Groups have not been set up.

Document image


If you cannot submit a Support Request, it means your Admin has not added you to the necessary Security Group(s). Users can only submit Requests for the contracts, permissions, and accounts on Security Group(s) they are assigned to.

Contact an Admin on your organization's SHI One account and have them add you to the necessary Security Group(s).



Delegating Azure Subscriptions to SHI One

In order to view your Azure subscription data in SHI One, you must first grant SHI One permission to access the data in Azure.

Visit the Installing Azure Marketplace Applications page for step-by-step instructions on how to complete this process. Note that the person who performs this process must be an Admin in SHI One and also an Owner to the Azure subscription(s) being delegated.

  • Note that Azure GovCloud is not supported in SHI One
  • Note that Azure Web Direct subscriptions are not supported in SHI One; cost reporting and consumption data will not display for Web Direct subscriptions


Troubleshooting

The Red Exclamation Mark

If you see this error, hover over the “!” for instructions on how to fix the configuration.

Not Seeing the Right Users

Reload the site and ensure the correct Security Group is selected.

Please note that after making any changes to a Security Group, you must reload the site (refresh or log out then log in) in order to see those changes on the Support Request form.

Seeing Errors

Log the error with screenshots and written details. Navigate to Support Center -> New Request -> Report an Incident.

Fill out the form with as much information as possible about the error, attach any screenshots, and submit the Support Request.

Can't Submit Support Requests

All users must be assigned to a Security Group in order to submit Support Requests. Users in a Security Group can only submit Requests for the contracts, permissions, and accounts that have been assigned to that specific Security Group.

If you can't submit Support Requests, contact an Admin on your organization's SHI One account and have them add you to the necessary Security Group(s).

Can't See Azure Subscription Data

In order to view your Azure subscription data in SHI One, you must first grant SHI One permission to access the data in Azure. Visit the Installing Azure Marketplace Applications page for step-by-step instructions on how to complete this process.

Want to Enable SSO (Single Sign-On)

SSO can be enabled at any time. The process must be performed by an Admin.

  1. Sign in to SHI One and navigate to Settings -> General
  2. To the right of 'Microsoft Domain Consent', click the 'Consent' button
  3. This step changes depending on if the SHI One Admin is also the organization's Microsoft admin:
    • If you ARE a Microsoft admin, you will be able to login to Microsoft and grant SHI One consent to enable the SSO
    • If you are NOT a Microsoft admin, you will see a link; send that link to your organization's Microsoft admin (usually someone on your IT team) who can grant consent to enable the SSO
  4. Once consent has been granted by the Microsoft admin, all users will use the Microsoft SSO login option to sign in to SHI One

Trying to Sign in but See 'Approval Required', 'Needs Permission', or 'Requires Admin Approval'

If you try to sign in using Microsoft login option and see a message similar to the following:

Document image

Document image




This means your organization has not yet granted SHI One the necessary permissions. Send this URL to an O365/Azure admin in your organization (usually someone on your IT team) to authorize the application on your behalf:

Once permission is granted, you will sign in using the Microsoft login option. Until then, select the SHI ONE login option, click 'Don't have a login? Register an account', complete the registration process, then sign in to SHI One using the SHI ONE login option.

Trying to Sign in but See 'Your account is pending approval from your Company administrator'

This means your organization's SHI One admin (usually someone on your IT team) has not yet approved your SHI One profile. Your organization's SHI One admin can approve your profile by following these steps:

  1. Navigate to Settings -> User Management
  2. Click the Awaiting Approval tab
  3. To the right of each email address, click the Role drop-down and select either User or Admin
  4. Click the Save button in the upper right

Once your organization's admin has approved your profile, you will be able to sign in.

Trying to Sign in but Can't

Try the following troubleshooting steps in order:

  1. Make sure you are using Chrome, Edge, or Firefox as your browser; Internet Explorer is not supported
  2. Clear your cookies and site data for SHI One
  3. In your browser's URL bar, go to https://one.shi.com/logout then close that tab
  4. Go to https://one.shi.com and click the Microsoft login option, then the Google login option, then the SHI One Register an Account option
    • If the Register an Account option says you already have an account, click the SHI One Forgot Password? option
  5. Try to sign in using a different browser

If the steps above do not resolve the issue, send an email to [email protected] and include the following information:

  • The name of your organization
  • The email address you're trying to sign in with
  • The browser(s) you have tried to sign in on
  • The login method(s) you have tried (Microsoft, Google, SHI One)
  • Screenshots of what you see after you try to sign in
  • Any other relevant information; the more information you provide, the faster the support team will be able to diagnose and fix the issue

Need to Add a Second Domain

SHI One accounts by default are associated with one single domain; all users on that domain are able to self-service login. In order to add a second domain, the support desk must create a user profile for someone whose email address uses the second domain. Navigate to Support Center -> New Request -> Service Request and submit a ticket which includes the following information:

  • Request that a second domain be added to your account
  • Email address with the second domain
  • First and last name
  • Phone number
  • What role the user should have (User or Admin)

My Question is Not Addressed Here

Visit the SHI One FAQ page for a complete list of the most frequently asked questions about SHI One.

Updated 11 Nov 2024
Doc contributor
Doc contributor
Did this page help you?
PREVIOUS
FAQ
NEXT
Installing Azure Marketplace Applications
Docs powered by Archbee