Logo

Sign In & Sign Up

TL;DR — Brightstep accounts use email + a one-time code (no passwords). To sign in, enter your email — we send a 6-digit code to your WhatsApp (if your phone is on file) or email. Enter the code and you're in. To sign up, enter your name and email — we send a magic link; click it to finish creating the account. Social sign-in with Apple, Google, and Microsoft is also available on both screens.

Before you start

  • You'll need a working email address. The same email is your account identifier across the platform.
  • For candidates, the email you use to sign up should be the one you want admissions correspondence sent to.
  • You don't pick a password during sign-up — Brightstep uses one-time codes and magic links instead.

Two screens, one layout

The sign-in (/login) and sign-up (/register) screens share the same layout:

  • Left panel (form) — the Brightstep logo at the top-left, the form (email + social buttons) in the middle, and a footer at the bottom-left with the copyright, a theme toggle, and the EN / FR language pill.
  • Right panel (gradient sidebar) — a colored gradient mesh with rounded corners, your institution's logo at the top, and an admissions tagline at the bottom. On mobile, this sidebar is hidden and the form takes the full width.

A link below the form ("Don't have an account? Sign up" / "Already have an account? Sign in") flips between the two screens without losing the email you've typed.

Sign in with email + code

  1. Open the sign-in page (the institution's link or /login).
  2. Enter your email and click Continue with Email.
  3. The form switches to an OTP step asking for a 6-digit code. The code is sent to your WhatsApp if you have a phone number on file — otherwise to your email.
  4. Enter the code. The form auto-submits when you reach 6 digits.
  5. You're signed in and redirected to the page you were trying to reach (or your dashboard).

The email field is preserved through both steps — refreshing keeps the code-entry view if it hasn't expired.

WhatsApp vs email code

When you click Continue with Email, Brightstep picks the channel for you:

  • If your phone number is on file, the code is sent via WhatsApp to that number — usually the fastest. The OTP screen says "We sent a code to WhatsApp at +1 ••• ••• 0192" with masking.
  • If WhatsApp delivery fails or no phone is on file, the code is sent via email.

A small "Try email instead" link on the OTP screen forces a re-send to the email address — useful if you don't have your phone handy. The reverse is not available — the system can't send to WhatsApp if there's no phone number on the account.

Resend cooldown

Each channel has a 30-second resend cooldown:

  • After requesting a code, the Resend button is greyed out and counts down ("Resend in 28s").
  • The cooldown is per-channel — you can request via WhatsApp and immediately resend via email if WhatsApp didn't arrive.
  • After the cooldown, click Resend to get a fresh 6-digit code. The previous code is invalidated.

Sign in with Apple, Google, or Microsoft

Below the email form, three social-login buttons:

  • Apple — opens the standard Apple sign-in flow. You can choose to share your real email or use a hide-my-email relay.
  • Google — Google account picker.
  • Microsoft — works with personal Microsoft accounts and work/school accounts.

Social sign-in skips the OTP step entirely — once you authorize the provider, you're back on Brightstep, signed in. The provider also supplies your avatar automatically.

The same buttons exist on the sign-up screen — there's no separate "register with Google" — picking Google on either screen creates the account if it doesn't exist or signs you in if it does.

Sign up

  1. Open the sign-up page (/register) — usually reached from the sign-in screen via the "Sign up" link, or from a campaign's public landing page.
  2. Enter your Full name and Email.
  3. (For candidate flows on a public campaign link, a captcha challenge may appear — see below.)
  4. Click Continue with Email. The form sends a magic link to your email.
  5. You're redirected to the Check email page asking you to click the link in the email we just sent.
  6. Open the email, click the link, and the account is created. You're automatically signed in and redirected.

Or: click any social button to skip the magic-link step entirely.

The magic link expires after a short window (typically 15 minutes). The Check email page tells you where the email was sent and offers:

  • A Resend button (with the same 30-second cooldown as sign-in OTPs).
  • An "Use a different email" link that takes you back to the sign-up form.

If the email doesn't arrive, check spam, then resend. Clicking the link in the most recent email is what counts — older links are invalidated by a newer send.

Captcha on candidate sign-up

Sign-ups arriving from a candidate-facing flow (the Apply link or a public campaign landing) may show a Cloudflare Turnstile captcha widget below the email field. It runs automatically — no clicks required in most cases. The Continue with Email button stays disabled until the widget reports success.

The captcha is not shown to team members signing up via an admin invitation — those flows use a token-based invite instead.

Language on the auth screens

The pill toggle at the top-right switches between English and Français for the current visit. Once signed in, your profile language preference takes precedence — if you want the language to stick, set it under Profile.

A tooltip on the toggle is in the opposite language to help users who landed on the wrong one — the English page's toggle says "Changer la langue" and vice versa.

What happens after sign-in

Where you land depends on how you arrived:

  • No specific destination — you go to your Overview / Dashboard for your role.
  • You clicked a campaign apply link (/apply/<slug>?org=...) — you're routed to the campaign's public landing page, where you can click Start Application.
  • You followed a deep link (e.g. an email pointing at a specific application) — you go straight to that page after auth.
  • First-time candidate — a Profile completion modal blocks the next page until you've added your phone (with OTP verification) and location.

Troubleshooting

SymptomCauseFix
The OTP code never arrives on WhatsAppWhatsApp number on the account is wrong, blocked, or out of dateClick Try email instead on the OTP screen
OTP says Invalid or expiredThe code is older than its lifetime, or you typed a previous codeClick Resend and use the newest code only
Email never arrives at allSpam folder, mistyped email, or your provider's filterCheck spam; if still missing, click Use a different email and try again
"Too many attempts" errorThe account hit a sign-in rate limitWait a few minutes and try again. Rate limits are short
Apple / Google / Microsoft button does nothingPop-up blocker or browser denied the OAuth windowAllow pop-ups for the auth provider's domain and retry
"Email not found" on sign-inNo account exists for that email yetClick Sign up to create one — same email works
Magic link says expiredLink wasn't clicked in timeClick Resend on the Check email page
Captcha widget never finishesNetwork blocks Cloudflare TurnstileTry a different network; corporate firewalls sometimes block challenges
Signed in but landed on the wrong dashboardYour active organization isn't the one you expectedSwitch organizations from the picker at the top of the sidebar
Your Profile — name, phone, language preference, notification settingsQuick Start for Candidates — what happens right after sign-inQuick Start for Administrators — set up your organization after signing up

Was this page helpful?