Overview

Use this guide to sign in to Covidence quickly, choose the right path (personal login vs institutional SSO), and resolve common access issues in minutes. It also explains eligibility, account lifecycle, security and compliance, and integrations so you can work efficiently and meet PRISMA reporting needs.

Covidence is a web platform that streamlines systematic reviews—citation import, deduplication, title/abstract and full‑text screening, conflict resolution, data extraction, and PRISMA flow outputs.

If your university or hospital has a subscription, you can typically access Covidence with your institutional email via single sign‑on (SSO). External collaborators can still be invited to projects even without institutional emails.

For training, see the Covidence Help Center and Academy resources. Also reference the PRISMA 2020 statement for reporting standards.

Direct Covidence login and sign-in paths

Go straight to the Covidence login page and pick the path that matches your access: personal email/password or institutional SSO. If you’re affiliated with an institution, try the institutional route first. It usually grants access to the site license and shared projects.

A good rule of thumb is: if your institution pays for Covidence and you have an active institutional email, select the institutional SSO option and find your organization. If you’re an independent user, a collaborator without eligible institutional access, or you bought an individual plan, sign in with your personal email and password.

Personal account sign-in

Use personal account sign‑in when you created a Covidence account with a personal email and password, or when you’re collaborating on a project that isn’t tied to a site license. On the login page, enter your email and password and continue. If you also have an institutional account, make sure you’re using the email that matches the projects you need.

If you forgot your password, use the reset link on the login page and check your spam/junk folder for the reset email. If you no longer have access to that email address, contact the Covidence Help Center to verify your identity and update your login.

Institutional SSO sign-in (university/hospital)

Use institutional SSO when your university or hospital provides Covidence access and your account is linked to an institutional email domain. On the login page, select the institutional/SSO option, search for your organization, and continue to your identity provider (IdP), such as Microsoft Entra ID (formerly Azure AD), Okta, or Shibboleth.

After you authenticate with your institution, you’ll return to Covidence with access to projects and features under your site license. If you encounter a loop back to the login page, see the SSO section below for quick fixes and IdP‑specific hints using resources like Shibboleth’s overview, Okta SAML SSO, and Microsoft Entra single sign‑on.

First-time access: personal vs institutional accounts

Start in the right lane so your access matches your role and available license. If your organization funds Covidence, use your institutional email from the outset.

If your organization does not fund access, set up a personal account and upgrade only if needed.

If you’re affiliated with an institution but collaborating across organizations, you can still invite external teammates to a project via their personal emails. This keeps your project centralized while respecting eligibility rules tied to the site license.

Creating an account under an institutional license

Activate under your institution by starting at the Covidence login page, selecting the institutional/SSO option, and authenticating with your university or hospital credentials. If prompted, confirm or create a Covidence profile using your institutional email domain.

Some institutions require you to start from a library Covidence page or a custom SSO link. If SSO fails, search your library website for “Covidence” to find institution‑specific instructions.

If your email domain isn’t recognized but you believe you’re eligible, contact your library or the Covidence Help Center with your role and institution.

Creating a personal account

If you do not have institutional access, create a personal account with your preferred email and a strong password at the Covidence login page. You can join projects when invited by owners or purchase/upgrade a personal plan if you need to create your own projects.

Choose this path if you’re an independent researcher, an external collaborator, or your institution doesn’t subscribe. If your situation changes later (e.g., you gain institutional access), you can request help to merge accounts or update your primary email.

SSO guidance for universities and hospitals

Get reliable access by choosing the correct SSO option and avoiding the common loop that returns you to the login screen. SSO typically uses SAML 2.0, an open standard for exchanging authentication assertions between an identity provider (IdP) and a service provider, to authenticate you with your institution before passing you to Covidence. See the OASIS SAML 2.0 standard for background.

If you’re unsure which option to choose, your institutional library’s Covidence guide usually names the correct provider and link. For additional context, see Shibboleth’s overview, Okta SAML SSO, and Microsoft Entra single sign‑on.

Choosing the correct SSO provider

Selecting the right SSO tile matters because domain mismatches cause loops and authorization errors. Use the provider associated with your institution and sign in with the correct institutional email (e.g., firstname.lastname@univ.edu rather than an alumni or departmental alias).

If you have multiple roles or emails (e.g., student and staff), pick the identity that maps to your Covidence eligibility and current projects. When in doubt, start from your library’s Covidence page or ask IT which IdP your Covidence integration uses.

Fixing SSO loops and token errors

Most SSO loops resolve by clearing stale tokens and forcing a clean re‑authentication. Try the following and then attempt SSO again:

Password reset, email verification, and two-factor authentication

Recover your account quickly by using the correct reset path and knowing who manages verification and MFA. For personal accounts, use the “Forgot password” link on the login page and complete email verification. For SSO, password and multi‑factor are controlled by your institution’s IdP.

If you don’t receive verification or reset emails, check spam, confirm the exact email you used at sign‑up, and allowlist Covidence messages with your email provider. Most verification and reset links are time‑limited for security, so request a fresh link if one expires.

Under institutional SSO, contact your IT help desk if you need to reset your institution password or manage MFA. Covidence cannot override your IdP settings. For current guidance on supported authentication features, consult the Covidence Help Center.

Troubleshooting common login errors

Resolve access blockers fast by matching the symptom to a targeted fix. Start with environment checks (browser, cookies, VPN) and then confirm your account type and email domain.

If issues involve institutional SSO, reproduce the problem in an incognito window and capture the exact error message for IT. If it’s a personal account issue, confirm your email and reset your password before escalating to support.

Expired invitations or verification links

Replace expired invites or verifications by asking the project owner to resend your invitation. You can also start sign‑in again and request a new verification message.

If the invite was sent to the wrong email, have the owner invite your correct address or contact support to update your account email. For persistent problems, include the project name and email addresses when contacting the Covidence Help Center.

Domain mismatch and unauthorized email

If the system says your email is unauthorized, your address likely doesn’t match the institution’s licensed domains. Switch to your official institutional email or ask your library to confirm which domains are covered (e.g., @med.univ.edu vs @univ.edu).

If you no longer have an institutional email, use a personal account and request project invitations from teammates. You can also ask support to help merge or change your primary email if your affiliation changed.

403/404, locked accounts, and rate limits

A 403 often indicates you’re authenticated but not authorized under the current email or institution. Verify you’re using the correct sign‑in path and domain.

A 404 can stem from outdated bookmarks or expired invite links—always start at the Covidence login page. If you trigger lockouts or rate limits after multiple failed attempts, wait 15–30 minutes before retrying with the correct path.

If problems persist, share the exact error, time, and sign‑in method with the Covidence Help Center.

Browser cookies, extensions, VPN/firewall conflicts

SSO redirects require cookies and pop‑ups to complete; strict privacy settings or extensions can interrupt the flow. Temporarily disable ad blockers, allow third‑party cookies for your IdP, and try an incognito window to rule out extensions.

Institutional VPNs or firewalls may block SAML assertions or key endpoints. Disconnect from VPN or try a different network to test. If access works off‑network, ask IT to allowlist Covidence and your IdP’s SSO endpoints.

Eligibility and account lifecycle

Plan ahead by confirming who qualifies and what changes when you leave. Institutional access typically covers current faculty, staff, and students using eligible email domains. Alumni and affiliates may not be included.

External collaborators can join projects by invitation regardless of their email domain, though they won’t automatically receive institutional features. For institution‑specific rules, check your library’s guidance or contact the Covidence Help Center.

Graduation or departure from institution

When you graduate or depart, your institutional SSO access usually ends. This can affect your ability to create new projects or access licensed features.

You’ll still retain any personal account you created, but projects under an institutional license may need new owners. Before your access ends, switch your login email if allowed, transfer ownership where appropriate, and export critical data and PRISMA flow records.

If timing is tight, coordinate with your project team and library to ensure no disruption to ongoing reviews.

Transferring ownership and exporting projects

Avoid project orphaning by moving ownership to a current team member with ongoing eligibility. The project owner or admins can invite a new owner, confirm acceptance, and then remove your access after a handover period.

Export screening decisions, data extraction, and PRISMA flow data as part of your offboarding checklist. If you encounter errors or need bulk exports across projects, the Covidence Help Center can advise on the most complete export options.

Managing accounts: merging duplicates and changing primary email

Keep your access clean by consolidating duplicates and aligning your primary email with your current affiliation. If you accidentally created both personal and institutional accounts, request a merge so you don’t lose project history.

Provide support with both emails, your preferred primary email, and links to any critical projects. If your account is SSO‑linked, changing the primary email may require coordination with institutional IT to align your IdP identity with Covidence.

Roles and permissions that affect access

Understand roles so you know who can see, invite, and transfer within projects. Typically, owners can create projects, manage settings, invite or remove collaborators, assign roles, and transfer ownership.

Reviewers can screen and extract data but may have limited admin controls. Some institutions configure stricter policies around who can create projects under the site license.

If you can’t see a project you expect to access, confirm your role with the owner. Also verify that you’re logging in through the correct email and sign‑in path.

Pricing and procurement overview

Choose the right plan based on whether your institution already covers you. Many researchers access Covidence through a site license.

If yours doesn’t, you can purchase an individual subscription or request that your library evaluate an institutional plan. For current options and features included with individual and institutional plans, visit the Covidence pricing page.

Librarians and administrators can contact Covidence to discuss campus‑wide subscriptions, SSO setup, and onboarding.

Security, privacy, and compliance essentials

Protect study data by following your institution’s governance and understanding how authentication and storage work. Covidence authenticates users either by email/password or via institutional SSO (SAML), where your institution manages passwords and multi‑factor at the IdP. SAML is widely used for enterprise SSO, as described in the OASIS SAML 2.0 standard.

For data protection, review Covidence’s privacy and security statements in the Covidence Help Center. Ensure your workflows avoid storing personally identifiable information or protected health information.

GDPR applies to EU personal data and requires specific safeguards for processing and transfers; see the European Commission’s overview of EU data protection rules. In U.S. healthcare settings, the HIPAA Privacy Rule governs protected health information (PHI); consult your privacy office or IRB and review the U.S. HHS HIPAA Privacy Rule to confirm whether your project includes PHI and what agreements may be required.

System requirements, browsers, and network/VPN considerations

Get the smoothest experience by using a modern, fully updated browser, especially during large imports and SSO redirects. Covidence typically works best in current versions of Chrome, Firefox, Edge, and Safari with cookies and pop‑ups enabled.

Performance can degrade with aggressive content blockers or outdated extensions. Allowlist Covidence and your IdP or test in a private/incognito window.

If you’re on a restrictive network or VPN, try switching networks or requesting that IT allowlist Covidence domains and your SSO endpoints.

Integrations, imports/exports, and PRISMA outputs

Speed up your workflow by importing citations from reference managers and exporting PRISMA outputs for reporting. Covidence supports imports from EndNote, Zotero, and similar tools using RIS or EndNote XML files. It performs automatic deduplication on ingest.

You can export screening decisions, extraction tables, and PRISMA flow counts to support manuscripts and registries. For PRISMA reporting standards and examples, see the PRISMA 2020 statement. Refer to the Covidence Help Center for import/export and deduplication specifics.

Covidence vs Rayyan, DistillerSR, and EPPI-Reviewer

Pick the tool that matches your team’s scope, compliance needs, and budget. Covidence prioritizes an intuitive screening workflow, strong deduplication, and straightforward PRISMA exports. This suits many academic teams and teaching contexts.

Rayyan offers fast, free‑to‑start screening with powerful tagging, but teams often add other tools for extraction and audit trails. DistillerSR provides robust enterprise features, advanced auditability, and automation at a higher price and steeper learning curve.

EPPI‑Reviewer is feature‑rich and highly configurable, but it can require more setup time and training. If you’re on an institutional license, Covidence’s SSO and library support often simplify onboarding and collaboration.

Support and service status

Resolve issues quickly by contacting the right team. For sign‑in problems under institutional SSO, contact your IT or library first because they manage the IdP and eligibility. For product‑specific issues, data exports, or account merges, contact the Covidence Help Center.

If login problems appear widespread, test another browser and network and check your library or IT status pages for SSO incidents. Covidence may post notices in the Help Center or in‑app. Capturing timestamps and screenshots will speed diagnosis with both Covidence and your institution.