Notifying a new school induction tutor and first sign in

Posted on

How a newly nominated school induction tutor gets notified and the journey they follow when signing in for the first time

User needs

As a newly nominated induction tutor i need to
be notified that i can sign into the service and informed of my responsibilities

Business goals

  • notify the induction tutor that they are now responsible for reporting data and decisions to DfE
  • provide users with a way of signing in that doesn’t require passwords
  • provide the induction tutor with the most recent privacy policy for them to read when signing in (appears only once, with every change)

How it works

The journey works as follows;

  1. After a school has nominated an induction tutor, this person receives an email notifying them of their new role and the next steps they need to take
  2. They follow a link in the email and arrive on the service start page for “Manage training for early career teachers”
  3. They follow a password-less sign in journey, where authentication involves the user clicking on a unique link sent to their email address, instead of entering in a password
  4. Once authentication is successful, the user is signed in and presented with the privacy policy. This privacy policy only appears the first time a user signs in, or if an amendment to the policy has been made since they last viewed it.
  5. If the user hasn’t yet chosen a programme for this upcoming cohort, they are redirected to the School choosing an induction programme for a cohort journey.

Wireframe journey

alt text

Link to journey on Miro

Prototype of journey

Journey start page (be sure to choose the appropriate settings first).

Username: ecf
Password: ecf

Future considerations

We’re assuming that they can access their email inbox, on the same browser that they are using the service. What if they have their personal email on their phone but are accessing the platform on a school-issued laptop? An alternative would be to email the user a 6 digit authentication code, which they are prompted for during sign in.

We don’t tell users if they don’t have an account

We do this to protect against Observable Response Discrepancy), however this could confuse users especially as there is no explicit registration. Other services have decided to introduce a “you do not have an account page” and inherit the risk, as the benefits to the end users (and service support team) were more important. This maybe worth exploring if we want to prevent a bottle neck with the support team.

Error states

The unique sign in link that’s emailed to users, has a token which is only valid for 1 hour. If this token has expired, the user is prompted to sign in again.

Screenshots

Email: Sign in to manage induction

Screenshot of Email: Sign in to manage induction

Start page: Manage training for early career teachers

Screenshot of Start page: Manage training for early career teachers

Sign in

Screenshot of Sign in

Check your email

Screenshot of Check your email

Email: Link to sign in

Screenshot of Email: Link to sign in

You are now signed in

Screenshot of You are now signed in

Privacy policy

Screenshot of Privacy policy

Error: This link has expired

Screenshot of Error: This link has expired