User onboarding is the process of getting new people into your account and giving each of them exactly the access they need, no more and no less. Access management is what keeps that tidy over time as teachers join, switch departments, and leave. In a school setting these two jobs are the quiet backbone of everything else. If a teacher cannot log in, they cannot check a single paper. If a long departed substitute still has full administrator rights, you have a security problem nobody is watching.
This guide walks through how onboarding and access work in Checkmark Plagiarism, in plain language, so an administrator can set up a department, a building, or an entire district without guesswork. You do not need to be technical. You just need ten quiet minutes and a list of names.
What roles actually mean
Before you add anyone, it helps to understand the vocabulary, because every access decision flows from it.
A role is a bundle of permissions. Instead of toggling thirty individual settings for each person, you assign one role and the permissions come along for the ride. Checkmark uses a small, deliberate set of roles so the choices stay simple.
- An administrator can add and remove users, manage billing and seats, see usage across the account, and configure account wide settings. This is the person holding the keys. Keep the number small.
- A teacher (sometimes called an instructor or standard user) can submit documents, run plagiarism and AI writing checks, view their own reports, and manage their own classes or folders. This is the role most of your people will have.
- A viewer or read only role, where available, can open and read reports but cannot submit new documents or change settings. This is useful for a department head who wants visibility without doing the day to day checking, or for an aide.
The guiding idea is least privilege: give each person the smallest role that lets them do their job. It feels generous to make everyone an administrator. It is not generous, it is risky. Every extra administrator is one more account that, if compromised or simply forgotten, can change billing or delete users.
How to add a single user
Adding one person is the most common task, so start here.
- Sign in as an administrator and open the account or team area, usually labeled Users, Team, or Manage Members in the main menu.
- Click Add user (or Invite member). A short form appears.
- Enter the person's name and their school email address. Use the school email, not a personal one. It makes future audits far easier and ties the account to an address your district actually controls.
- Choose a role from the dropdown. For most teachers this is the standard teacher role. Reserve administrator for the one or two people who genuinely manage the account.
- Send the invite. The new user receives an email with a link to set their password and finish creating their account.
That is the whole flow. The person is not fully active until they accept the invite and set a password, which is a deliberate safety feature. It means you can never accidentally create a live account with a password someone else chose.
If an invite seems to vanish, the culprit is almost always a spam filter or an overzealous district email gateway. Ask the recipient to check spam, and ask your IT team to allowlist email from Checkmark's sending domain. You can usually resend the invite from the same user list.
How to add many users at once
Inviting one teacher is easy. Inviting forty before the term starts is where people groan. Bulk onboarding solves this.
Most accounts support a bulk invite or CSV import. The pattern is consistent:
- Download the sample CSV template from the import screen so your columns match what the system expects. Typically that means a column for name, one for email, and one for role.
- Fill it in with your staff list. A quick way to build this is to export from your student information system or your existing email group, then trim it to the columns you need.
- Upload the file. The system validates it and shows you a preview, flagging duplicates or malformed email addresses before anything is created.
- Confirm. Every valid row gets an invite email, and your user list fills in.
Two habits make bulk imports painless. First, clean the email column before you upload; a stray space or a typo is the number one cause of failed rows. Second, import in batches by group (one department or building at a time) rather than one giant file. If something looks off, you only have to re-check twenty rows, not two hundred.
Managing access after onboarding
Onboarding is a moment. Access management is forever. People change roles, take leave, and move on, and the account needs to keep up.
Changing a role. When a teacher becomes a department lead, open their entry in the user list and change the role in the dropdown. The change takes effect immediately the next time they sign in. There is no need to delete and re-invite them, which would lose their history.
Suspending versus removing. These are not the same, and the difference matters.
- Suspending (or deactivating) freezes an account. The person cannot sign in, but their reports and history stay intact. This is the right move for a teacher on parental leave, a summer gap, or anyone you expect to return.
- Removing deletes the user from your account and frees the seat. Use this when someone leaves for good. Before you remove anyone, check whether their reports need to be preserved or handed to a colleague, because removal can take that access with it.
Reclaiming seats. Your plan includes a set number of seats. Suspended and removed accounts free those seats up so you are not paying for people who left. A good rhythm is to review your user list at the end of each term, suspend the inactive, and remove the truly gone. Ten minutes of housekeeping keeps your bill honest and your account secure.
Common misconceptions
A few beliefs trip up new administrators, so it is worth naming them directly.
"Everyone needs to be an administrator to do their job." Almost never true. A teacher can submit papers, run checks, and read every report they create with the standard role. Administrator is only for managing people, billing, and settings.
"Deleting a user is how you free up a seat." Suspending also frees the seat in most plans, and it keeps the person's history. Reach for suspend first, delete second.
"Once I invite someone, they are in." Not quite. An invited user is pending until they accept and set a password. If a colleague says they cannot log in, your first check is whether the invite was ever accepted.
"Sharing one login is simpler than adding everyone." It is simpler right up until it is a disaster. Shared logins destroy accountability (you cannot tell who submitted what), break personalized report history, and violate most district security policies. Individual accounts are the only safe way.
A simple onboarding checklist
If you remember nothing else, remember this short sequence.
- Decide your roles first: who needs administrator, who is a standard teacher, who only needs to view.
- Gather a clean list of names and school email addresses.
- Add people one by one for a small team, or via CSV import for a large one.
- Tell your staff to expect an invite email and to check spam if it does not arrive.
- At the end of each term, review the list and suspend or remove anyone who has left.
Good access management is invisible when it works. Nobody thanks you for it, but the day a login fails during a deadline or an auditor asks who can see what, the quiet ten minutes you spent setting roles correctly will be the best ten minutes you ever spent.

