Your first sign-in

This chapter walks you through signing in for the first time, setting a strong password, and enrolling multi-factor authentication (MFA). It takes about three minutes.

Before you start

You should already have:

  • An invitation or temporary password issued by your Tenant Admin (for a Tenant User or Tenant Admin) or by an existing Platform Admin (for Sukrit Nidhi staff).
  • If you are a tenant user: the centre code for your centre — a short identifier like pune or mumbai.
  • An authenticator app on your phone — Google Authenticator, 1Password, Authy, Microsoft Authenticator, or any other TOTP-compatible app.
Sukrit Nidhi never sends your password by email. Your admin gives you a one-time temporary password out-of-band (securely); you change it to one of your own on first sign-in.

Two doors, one platform

Sukrit Nidhi has two separate sign-in entry points because the two kinds of user live in two different databases:

You are a…Sign in atCredentials
Tenant User or Tenant Admin /auth/login
(“Centre sign-in”)		 Centre code + email + password. The centre code decides which tenant database your credentials are checked against.
Platform Admin (Sukrit Nidhi staff) /auth/platform-login
(“Platform Admin access”)		 Email + password only. No centre code.

Both doors are one click from each other — the centre sign-in page shows a “Platform Admin access” link in its footer, and vice-versa. Pick the wrong door and Sukrit Nidhi will tell you; there is no way to accidentally sign into a tenant from the platform door or vice-versa.

Step 1 — Sign in for the first time

  1. Open the Sukrit Nidhi sign-in page at the URL your admin gave you.
  2. If you are a tenant user: enter your centre code (e.g. pune), then your email, then your temporary password.
  3. If you are a Platform Admin: click Platform Admin access in the footer, then enter your email and temporary password.
  4. Submit. You will be asked to change the password to one of your own. The rules are:
    • at least 12 characters,
    • a mix of upper-case, lower-case, digit, and symbol,
    • not in the common-password dictionary,
    • not containing your email or full name.

Step 2 — Enrol MFA

As soon as you set your password, Sukrit Nidhi redirects you to the MFA enrolment screen. This is a hard requirement — you cannot reach the dashboard until MFA is enrolled.

Scan QRwith your authenticator app
Enter 6-digit codeshown by the app
Save recovery codes10 single-use codes
Dashboardyou’re in
Save your recovery codes somewhere safe and not on the same device as the authenticator. If you lose your phone, a recovery code is how you get back in.

Step 3 — Everyday sign-in

  1. Go to the Sukrit Nidhi login page.
  2. If you are a tenant user: enter your centre code first, then email, then password. If you are a Platform Admin: click Platform Admin access and skip the centre code.
  3. When prompted, enter the 6-digit code from your authenticator app.
  4. You land on the role-appropriate dashboard.
Tenant users — your centre code is part of your login, not a secret. It’s the same every day. Write it on a sticky note if you must. The guarantee Sukrit Nidhi gives you is that even if someone knows the centre code, they still need a valid email + password + MFA to sign in.

What if my 6-digit code doesn’t work?

The usual culprits, in order of likelihood:

  • Clock drift — the phone’s time is slightly off. Enable automatic time on the device and try again.
  • Wrong entry — the authenticator shows the current code, which ticks every 30 seconds. If it’s halfway through the cycle, wait for the next one.
  • Enrolled on a different account — authenticator apps support multiple accounts; pick the one labelled with your email and the NGO name.

Step 4 — Step-up re-authentication

Some actions (closing a period, building an audit bundle, granting auditor access) ask you to re-prove your identity even if you’re already signed in. This is called step-up. You’ll enter your current MFA code; the elevated session lasts five minutes.

The MFA & step-up re-auth chapter explains exactly which actions require it and how to change your authenticator when you get a new phone.