Authentication

Authentication refers to the ways that a customer can access the Energy Efficiency Web Portal securely. There are two methods for authentication: single sign-on and stand-alone account management.

Single Sign-On (SSO)

SSO allows customers to use the same username and password to access the web portal and any other web applications provided by a utility. All usernames and passwords are created, maintained, and updated on the utility's web site. Oracle Utilities uses Security Assertion Markup Language (SAML) 2.0 to implement SSO with utilities. Moreover, Oracle Utilities supports Identity Provider (IdP) Initiated and Service Provider (SP) Initiated SSO using HTTP POST binding. As part of the SSO implementation process, the utility must provide a SAML Metadata file and a SAML insertion with required information. This allows Oracle Utilities to identify the customer and authenticate the request. See the Oracle Utilities Opower SSO Configuration Guide for details.

SSO requires that all authentication is handled by the utility's website. After a customer has authenticated using the utility website sign-in options, the customer has access to all features and pages of the Energy Efficiency Web Portal.

Note:

Since SSO credentials are maintained by the utility's web site, customers cannot use the Account Center in the Energy Efficiency Web Portal to change their password.

Stand-alone Account Management

Stand-alone account management requires customers to create an Energy Efficiency Web Portal account (including a user name and password) that is separate from any other utility-provided web applications or accounts. When stand-alone account management is implemented, customers can access the Energy Efficiency Web Portal by navigating directly to it and creating a new account once they get there.

The following account management options are available for stand-alone authentication customers.

Account Creation

The landing page of the Energy Efficiency Web Portal provides customers an option to create a new account. New customers are often directed to this landing page through communications such as Home Energy Reports.

Customers creating a new account must provide their name and account number exactly as it appears on their Home Energy Report or utility bill. If a customer provides incorrect information, error messages are displayed which help guide the user in how to provide the information accurately.

After a customer provides accurate account information, they must provide an email and password for their new account. Completing this step sends a confirmation email to the email address the customer supplied, which the customer then uses to verify the email address.

Account Sign In and Sign Out

Customers who have created their account can use their account email address and password to sign in from the landing page. A standard link is available throughout the Energy Efficiency Web Portal for signing out. By default, the session lasts for 30 minutes before timeout, at which point the user is automatically signed out.

Password Reset

Customers can request a password reset to help if they have forgotten their current password. To complete this process, a customer first selects the forgotten password option included with the account sign-in options. The customer is prompted to enter their utility account email address, to which a reset password email is sent. The email includes a link that directs the customer to a reset your password page, which prompts the customer to create and confirm their new password.

Note:

If a customer knows their password and wants to change it, they can use the Account Center rather than using the password reset feature. See Account Center for more information.