Released: June 3, 2026
Previously, student-facing authentication was controlled by a single global setting — enabling or disabling a login method like Element Password, School SSO, Google login, or Magic Link applied it uniformly across every student-facing web application in Element451.
This created a difficult tradeoff for institutions that wanted to enforce School SSO for enrolled students in some apps while still allowing applicants or prospective students to create accounts and applications using a lighter-weight method like Magic Link or Element Password. That tradeoff no longer exists. Admins can now configure authentication methods independently for each student-facing web app, without affecting global settings or other applications.
A new Override authentication methods toggle has been added to the authentication settings card for each student-facing web application. When enabled, that application will use its own authentication configuration instead of inheriting the global Web App (External) Authentication Settings.
Student-facing web applications that support per-application overrides:
StudentHub: Override global settings to enforce School SSO-only access for enrolled students.
Application Sites: Configure a separate login experience for applicants, such as Element Password or Magic Link.
Event Sites: Set auth methods specific to event registration flows.
Appointment Booking Sites: Control login methods independently for scheduling surfaces.
When the Override authentication methods toggle is disabled (default), the application inherits the global Web App (External) Authentication Settings. When enabled, the following auth methods can be toggled independently for that application:
(Element) Password with optional MFA
School SSO
Google
Magic Link
This update directly resolves a long-standing configuration challenge for institutions managing student authentication across the full enrollment lifecycle. Institutions can now allow applicants to register with an Element Password or Magic Link—since they don't yet have institutional credentials—while simultaneously enforcing School SSO-only access on surfaces like StudentHub used by enrolled students. Each application is configured independently, so changes to one do not cascade to others.
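The inherit-or-override rule described above can be checked against a local policy before a change goes live. The following is an added example, not Element451 code or an Element451 export format: the dictionary layout, key names, sample values and the SSO-only policy set are all constructed for illustration.

```python
# Hypothetical model of the settings described above; key names and values
# are constructed for this example and are not an Element451 format.
METHODS = ("password", "school_sso", "google", "magic_link")

# Global Web App (External) Authentication Settings (constructed sample).
GLOBAL = {"password": True, "school_sso": True, "google": False, "magic_link": True}

# Per-application cards: "override" models the Override authentication methods toggle.
APPS = {
    "StudentHub": {"override": True, "methods": {"school_sso": True}},
    "Application Sites": {"override": True,
                          "methods": {"password": True, "magic_link": True}},
    # Toggle off: the per-app values are ignored and global settings apply.
    "Event Sites": {"override": False, "methods": {"google": True}},
    # Toggle on with nothing enabled: modeled here as a lockout condition.
    "Appointment Booking Sites": {"override": True, "methods": {}},
}

# Local policy (assumption): surfaces for enrolled students must be SSO-only.
SSO_ONLY = {"StudentHub"}


def effective_methods(app, global_settings=GLOBAL, apps=APPS):
    """Return the set of login methods an app actually accepts."""
    cfg = apps[app]
    source = cfg["methods"] if cfg.get("override") else global_settings
    return {m for m in METHODS if source.get(m, False)}


def audit(global_settings=GLOBAL, apps=APPS, sso_only=SSO_ONLY):
    """List (app, problem) pairs for lockouts and SSO-only policy violations."""
    findings = []
    for app in apps:
        enabled = effective_methods(app, global_settings, apps)
        if not enabled:
            findings.append((app, "no login method enabled"))
        elif app in sso_only and enabled != {"school_sso"}:
            findings.append(
                (app, "expected School SSO only, got " + ", ".join(sorted(enabled))))
    return findings


if __name__ == "__main__":
    for app, problem in audit():
        print(f"{app}: {problem}")
```

In this model, switching the StudentHub toggle back off makes it inherit the global methods again, so the audit reports it as no longer SSO-only.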



