Skip to content
Uku Help

Security and login methods

Who can do this

Section titled “Who can do this”

Only the Company Owner can enable, disable, or configure login methods. Company Admins can view the Security tab but cannot make changes. Company Members see a “feature locked” notice.

Accessing security settings

Section titled “Accessing security settings”
  1. Go to Settings & Apps.
  2. Open the Company app.
  3. Select the Security tab.

You will see a list of login methods under Login options, each with a toggle switch.

Login methods

Section titled “Login methods”

Uku supports four login methods. You can enable any combination — keep at least one active so your team can always sign in.

Email and password

Section titled “Email and password”

The standard login method. Members sign in with their email address and a password they set during registration. Toggle Email / Password on or off.

Google login

Section titled “Google login”

Toggle Google to allow members to sign in with their Google account. When you enable Google login for the first time, click the Sign in with Google button and complete the OAuth flow. Once your account is connected, all members can use Google login on the sign-in page. Each member connects their own Google account the first time they use it.

Microsoft Azure AD (SSO)

Section titled “Microsoft Azure AD (SSO)”

Toggle Microsoft to allow sign-in with a Microsoft account. Useful for organisations using Microsoft 365 or Azure Active Directory.

When you enable Microsoft login for the first time, click Sign in with Microsoft to connect your own account. After connecting, you will see a Tenant ID (optional) field. If you enter your Azure AD tenant ID, only accounts belonging to that tenant are allowed — this prevents members from linking personal Microsoft accounts. Leave the field empty to allow any Microsoft account.

Xero login

Section titled “Xero login”

Toggle Xero to allow sign-in with a Xero account. Convenient for accounting firms that already use Xero daily. When enabling for the first time, click Sign in with Xero and complete the Xero authorization flow.

Saving your changes

Section titled “Saving your changes”

After toggling login methods on or off, click Save at the bottom of the panel. Changes take effect immediately — members see updated login options the next time they visit the sign-in page.

Tips

Section titled “Tips”
  • If your organisation uses Microsoft 365, add your Azure AD tenant ID to restrict login to company accounts only. This prevents members from connecting personal Microsoft accounts.
  • You can enable multiple login methods simultaneously. Members choose their preferred method on the sign-in page.
  • Before disabling a login method, make sure your members have an alternative way to sign in. If a member only uses Google login and you disable it, they will need to reset their password to regain access.

Managing connected accounts

Section titled “Managing connected accounts”

Each OAuth login method (Google, Microsoft, Xero) requires the Company Owner to connect their own account first. If you need to change which external account is connected, disable the login method, save, and then re-enable it to go through the connection flow again.

Was this helpful?