Skip to main content

Login to Drata (New Experience)

Updated over a week ago

We are evolving the way you log into Drata to improve security, ensure account verification and simplify the experience for those who have multiple accounts. Depending on your role and number of accounts, your login experience may look a little different. Use the guide below to see what’s changing for you.

Login without SSO

Prerequisites

  • An active Drata account

  • Access to your work email inbox

Please note that this feature will be rolled out to users gradually over a period of time.

Sign in with a verification code

  1. Go to https://auth.drata.com.

  2. Enter your work email address and select Continue.

  3. Drata sends a one-time verification code to that address.

  4. Open the email and copy the verification code.

  5. Return to the login page, paste or type the code, then select Continue.

  6. If you belong to more than one organization or have an account in multiple regions, choose the correct account from the selector.

  7. You’ll be redirected to the Drata application.

If you don’t receive the verification code

  • Check your spam/junk folder.

  • Confirm that you entered the correct work email address (no typos, aliases, or personal email).

  • If the email still doesn’t arrive, ask your IT or security team to:

    • Allowlist Drata email domains and IP addresses.

    • Confirm that your mailbox is not blocking automated emails from Drata.

  • If the problem persists, contact your internal Drata admin or Drata Support.

Login with SSO Configured

Prerequisites

  1. SSO must be configured for your organization.

  2. You must have an active account in your organization’s IdP.

Sign in with SSO (Single Tenant)

For users whose organizations require SSO to access Drata and admins who manage or support SSO-based access.

Sign in to Drata using your organization’s single sign-on (SSO) provider. Use this method if your company requires authentication through an identity provider (IdP) such as Okta, Microsoft, Google, or another SAML-based provider.

  1. Go to auth.drata.com.

  2. Enter your work email address and select Continue.

  3. If SSO is enabled for your domain, Drata will:

    • Redirect you to your IdP (for example, Google, Microsoft, Okta, or OneLogin), or

    • Show you one or more SSO options (for example, Continue with Google).

  4. Complete any sign-in and multi-factor authentication (MFA) steps required by your IdP.

  5. After successful authentication, Drata sends you back to the login service to confirm your identity.

  6. If you have access to more than one organization or workspace, choose the correct account from the selector.

  7. You’ll be redirected into Drata.

Sign in with SSO (Multi-tenant)

For users with access to multiple tenants verify their email address before signing in with SSO.

  1. Go to auth.drata.com.

  2. Enter your work email address and select Continue.

  3. Drata sends a one-time verification code to that address.

  4. Open the email and copy the verification code.

  5. Return to the login page, paste or type the code, then select Continue.

  6. Choose the correct account from the selector.

  7. If SSO is enabled for that account, Drata will:

    • Redirect you to your IdP (for example, Google, Microsoft, Okta, or OneLogin), or

    • Show you one or more SSO options if you have multiple IdPs configured.

  8. Complete any sign-in and multi-factor authentication (MFA) steps required by your IdP.

  9. You’ll be redirected into Drata.

Log In to My Drata (Employee Login)

With the release of the new experience, Employees only have access to the new Drata Experience.

  1. Login to My Drata: Select the login link provided in your email invitation

  2. Sign In: Enter your email and securely log in using your company’s Single Sign-On (SSO) or by using your work email and a secure one-time authentication code.

  3. Explore My Drata: You will automatically land in the New My Drata Experience.

Frequently Asked Questions (FAQ)

I authenticated via email rather than SSO. Is this an issue?

No, both authentication methods are fully supported and secure. While Single Sign-On (SSO) is often preferred for streamlined access and reduced re-authentication, using your email and a unique verification code is a valid alternative.

My admin is on Classic, but what about my employees?

Regardless of whether an admin is on Classic or the New Experience, all employees with employee-only roles are always routed to My Drata in the New Experience.


I still have access to the classic web login is that right?

Yes. Classic web login is still available during the rollout of the new experience.

Related Articles
Single Sign-On (SSO) Integration Guide
Populating and Managing Personnel Data in Drata (Concept Guide)
Drata & HRIS Data
How Drata Uses HRIS Data (New Experience)
Access Drata as an auditor (New Experience)
Did this answer your question?