Required Use of to Access eRA Commons, ASSIST, IAR and Commons Mobile Coming in 2021

Dear Colleagues,

Please see below a message from NIH regarding the future requirement to use (as a two-factor authentication method) to access the NIH eRA systems such as Commons & ASSIST.

Although the requirement will not be mandatory until September 15, 2021 – you have the option now to start using the new log in method.

Please see below for the details and instructions on how register for a account, and to proceed with logging into the eRA systems.

If you have any questions, please contact the ERA Team ().

The ERA Team





eRA Information: Required Use of to Access eRA Commons, ASSIST, IAR and Commons Mobile Coming in 2021

We are pleased to inform you that a new login method, in pilot since April 2020, is rolling out for all users of eRA Commons, ASSIST, Internet Assisted Review (IAR) and Commons Mobile in 2021. This secure two-factor authentication allows you to log into multiple systems using the same credentials while enhancing the security and integrity of access to data in eRA systems.

The new secure two-factor authentication (2FA) login method involves users creating an account at, a centralized government portal, and associating their eRA Commons or ASSIST account with it.  Users only need to do this association one time.  

This requirement will be phased in first for reviewers, meeting by meeting, starting with review meetings effective February 1, 2021 and beyond. As reviewers are enabled for meetings, their IAR accounts will be transitioned to require

Users of eRA Commons, Commons Mobile and ASSIST can switch any time to the new option; they are encouraged to begin the switchover to now, before the mandatory deadline of September 15, 2021 for all users.

Background: eRA has been piloting the use of to access eRA’s external modules with select review groups with excellent success since April 2020 (see our April 6 communication).

eRA’s move to two-factor authentication via is part of an HHS initiative to provide the external user community the ability to log in to four different grants systems (eRA,, and Payment Management System) using the same account via

What’s involved: The two-factor authentication method involves creating an account at, a centralized government portal, and associating your eRA Commons account with it.

If you already have an eRA Commons account:

·Make sure your Commons account is active and you know your password. If you need to reset your eRA account password, please do so by using theForgot Password/Unlock Account?link on the main Commons homepage.

·Select the login option on the Commons home screen.

·Login to using your existing account or create a new account by selecting the Create Account option.

·When you are redirected back to Commons, you will be guided through the process to associate your Commons account with your account (a one-time process).

If you do not have an eRA Commons account:

Once done, the next time you log into eRA Commons using, you will automatically be redirected to eRA Commons without having to log in again.

The three steps involved to access eRA Commons via

Figure 1: The three steps involved to access eRA Commons/IAR via

If you have multiple eRA Commons accounts

· can only be linked to one eRA Commons account

·If you have multiple eRA accounts, it is recommended that you associate your account to the eRA account that you use to perform your review activities, as reviewers are transitioning to the required use of first.

·eRA is working on a solution in the future for users with multiple eRA accounts.

Note: Once you start using to access eRA Commons or ASSIST; the use of other login methods such as Commons or ASSIST credentials (username/password) or InCommon federated credentials (use of an organization’s credentials) is not permitted. This requirement to use also applies to any activities you may subsequently do in eRA Commons as a principal investigator, reviewer, etc.  For those who utilize InCommon federated credentials, NIH is working with the InCommon Federation community to determine if and when that service could implement the necessary two-factor authentication processes to allow that login method to continue in the future.

For more information on making 2FA a requirement, please see Guide Notice NOT-OD-21-040.






Scroll to Top