Unified user identity across Geotab systems

IT-IT, DE-DE, ES-LATAM, JA-JP, PT-BR, FR-CA, PL-PL

May 2025



Introduction

Geotab is enhancing user identification and access across all platforms. Instead of having to create accounts and sign in separately to each account, customers will now be able to access all Geotab platforms as one single user. This update will streamline user management and provide a more secure and seamless experience.

This transition should have minimal impact on users and will happen in phases, starting at the end of June. This document outlines all the changes users can expect.

Benefits

1. Secure and seamless access to Geotab applications, services, and resources
2. Simple and streamlined user authentication process
3. Broader adoption of Single Sign-On (SSO) protocols

Streamlined experience

Creating a New User (Administrator)

To add a new user in MyGeotab:

1. From the main menu, navigate to People > Users & Drivers.
2. Click the + User button.
3. A new user template will appear, prompting you to enter a username.
4. 1. Username with real email address – Using a valid email address as the username ensures a smooth and secure experience across multiple databases.

   2. ✱ NOTE: Administrators will not be able to set the password for email users. Invalid email addresses will prevent users from receiving password setup links and should not be used as usernames.

   2. Username with non-email address – For usernames that aren’t email addresses (such as johndoe), the administrator will still be required to create a password.

Username requirements

1. Between 4 and 60 characters
2. No spaces between characters
3. Symbols permitted, but not required, include: @^$.!`-#+'~_
4. The username cannot be “None”

✱ NOTE: Fake email addresses can’t be used.

Editing usernames

Users who migrate to the new experience are able to edit their user name after the account setup. Refer to Editing users & drivers for more information.

Account status

Once the new user receives the email, the administrator can track the status of the account setup process. The user will display one of the following statuses:

1. Pending – Waiting for the user to activate their account.

2. 

2. Expired – The process has reached the 7-day waiting limit, and the Administrator needs to resend the email.
3. No status – The password was successfully created.

Account Activation (User)

Linking users to multiple databases (Administrator)

Once the user and password have been created, the administrator can start adding the user to multiple databases.

✱ NOTE: Access to multiple databases is restricted to users with valid email addresses, with the exception of the “Service Account” user type.

Accessing the database (User)

Logging into multiple databases (User)

Resetting passwords

Administrator

1. If the user has a valid email account, the Administrator should guide the user to the MyGeotab login page, where they can select Forgot password? to receive a reset link via email.
2. If the user has a non-email user account, the Administrator can reset the through MyGeotab on behalf of the impacted user. Refer to Resetting or updating a user’s password for more information.

3. User or Driver

3. The user or driver should go to the MyGeotab or Drive App login page and select Forgot password? to receive a reset link via email.

Changing passwords

To change your password, click your account name and select Change password.

Managing account lockouts (Administrator)

The default account lockout policy determines that users are automatically locked out of their account for 5 minutes after 5 failed login attempts. Additional failed login attempts will extend the lockout time to 10 minutes.

Administrators can’t manually unlock users, and should advise them that password resets can be used to immediately regain access.

API Users

New authentication type for API users

The new authentication type Service Account focuses on API users. Current API users need to update their authentication type to Service Account by the middle of June, 2025. For more information, refer to the Service Account Guidelines.

✱ NOTE: User Interface (UI) access is not available for API Service Account users.

Additional updates

1. Updated audit logs: Since you only need to authenticate once, the system will create an audit for your initial User Login. After that, you'll seamlessly access other databases without additional login prompts or audit entries. Same applies for User Logout events
2. Account Policy settings: We've removed our User Account Policy settings and since most of our customers already use the default settings, you’ll enjoy a smoother transition with minimal effort. MyAdmin will update their user policy to match MyGeotab for a consistent platform experience.
3. Weak passwords: To strengthen the security weak passwords of less than 8 characters will not be allowed.
4. Deep linking as single sign-on: Customers currently using deep linking as a single sign-on will not be included in the rollout at this time.
5. Removing numbers from URLs: If you currently use a number in your URL (for example: my12.geotab.com) you may receive an error on the login page. To mitigate this error, remove the number from your URL (for example to: my.geotab.com).

Frequently Asked Questions (FAQs)

Account and username

What happens if a current user has a fake email address and tries to link to multiple databases?

You cannot use a fake email. The user would have to switch to a valid email address to access multiple databases. The only exception is the Service Account authentication type, for API users with no UI access.

What happens if my current username does not match the new username validation criteria?

You will not be impacted immediately, and your login will still work. However, we highly recommend updating the username.

What happens if the username I want to create already exists? (ex. JohnSmith is already in the system?)

The system will show a message when the username already exists. You will be required to use a different, unique username that’s not already in the system.

Why can’t I see the User Account Policy setting in MyGeotab?

You are not able to see the Account Policy because you are using the default settings provided by the system.

Login and authentication

I am currently using Deep Linking to access Geotab applications. How does the change impact this?

The new login experience does not support deeplink-based authentication at the moment. Your database will be excluded for now. We will provide you more information throughout the year.

Is Geotab implementing OAuth 2.0?

Yes, the new authentication flow is based on the OAuth 2.0 framework, which we are currently releasing for real users with this migration. In our next iteration we will onboard API users.

Will my login experience be significantly impacted?

We designed the software with the goal of not generating any significant change to the users, but we’re here to help! If this change significantly impacts your workflow, please reach out to your Partner Account Manager or Partner.

As a MyAdmin user, why is my authentication type converted to Basic Authentication ?

Previously, MyGeotab managed user credentials in two ways: Basic Authentication and MyAdmin. The unified authentication is eliminating the need for separate systems. All users are now authenticated through the unified authentication, using Basic Authentication. The MyAdmin (Reseller Support) authentication type will remain visible in the dropdown in MyGeotab until all users are migrated.

As a MyAdmin User, my authentication type was changed to Basic Authentication in MyGeotab. Does that impact my access to MyAdmin?

You should continue to have the right access to MyAdmin.