diff --git a/backend/api/views.py b/backend/api/views.py
index 43f5c10ee1..275328a1f6 100644
--- a/backend/api/views.py
+++ b/backend/api/views.py
@@ -183,7 +183,27 @@ def access_and_submission_check(user, data):
 
         return {"report_id": sac.report_id, "next": "TBD"}
 
-    return {"errors": serializer.errors}
+    return {
+        "errors": serializer.errors,
+        "certifying_auditee_contact_fullname": data.get(
+            "certifying_auditee_contact_fullname"
+        ),
+        "certifying_auditee_contact_email": data.get(
+            "certifying_auditee_contact_email"
+        ),
+        "certifying_auditee_contact_re_email": data.get(
+            "certifying_auditee_contact_re_email"
+        ),
+        "certifying_auditor_contact_fullname": data.get(
+            "certifying_auditor_contact_fullname"
+        ),
+        "certifying_auditor_contact_email": data.get(
+            "certifying_auditor_contact_email"
+        ),
+        "certifying_auditor_contact_re_email": data.get(
+            "certifying_auditor_contact_re_email"
+        ),
+    }
 
 
 class Sprite(generic.View):
diff --git a/backend/audit/templates/audit/manage-submission-change-access.html b/backend/audit/templates/audit/manage-submission-change-access.html
index 61216e7ddc..ad07e07967 100644
--- a/backend/audit/templates/audit/manage-submission-change-access.html
+++ b/backend/audit/templates/audit/manage-submission-change-access.html
@@ -31,23 +31,26 @@ <h1 id="role-management">Add Audit Editor</h1>
                             For the changes to take effect, users must log out and log back in to their account.
                         </p>
                     {% endif %}
-                    
-                    <hr />
-                    
                     {% if errors %}
-                        <ul>
-                            {% for error in errors %}<li class="usa-error-message">{{ error }}</li>{% endfor %}
-                        </ul>
+                        <span class="usa-error-message" role="alert">There were errors when attempting to submit the form. Scroll down for more details.</span>
                     {% endif %}
-                    
+
+                    <hr />
+
                     <label class="usa-label" for="fullname">New name:</label>
-                    <input class="usa-input" id="name" name="fullname" placeholder="[name]" />
-                    
+                    <input class="usa-input"
+                           id="name"
+                           name="fullname"
+                           placeholder="[name]"
+                           value="{{ certifier_name }}"/>
+
                     <label class="usa-label" for="email">New email address:</label>
                     <input class="usa-input"
                            id="email"
                            name="email"
-                           placeholder="[email address]" />
+                           placeholder="[email address]"
+                           value="{{ email }}"/>
+                    <span class="usa-error-message" id="email-error-message" role="alert">{{ errors.email }}</span>
                 </fieldset>
                 <button class="usa-button margin-top-5" id="continue">Submit</button>
                 <a class="usa-button usa-button--unstyled margin-left-2"
diff --git a/backend/audit/views/manage_submission_access.py b/backend/audit/views/manage_submission_access.py
index 397b8c9c3e..fc24a62879 100644
--- a/backend/audit/views/manage_submission_access.py
+++ b/backend/audit/views/manage_submission_access.py
@@ -1,3 +1,4 @@
+import logging
 from types import SimpleNamespace
 from django import forms
 from django.db import transaction
@@ -13,6 +14,8 @@
     SingleAuditChecklist,
 )
 
+logger = logging.getLogger(__name__)
+
 
 def _get_friendly_role(role):
     return dict(ACCESS_ROLES)[role]
@@ -54,29 +57,7 @@ def get(self, request, *args, **kwargs):
         """
         report_id = kwargs["report_id"]
         sac = SingleAuditChecklist.objects.get(report_id=report_id)
-        context = {
-            "role": self.role,
-            "friendly_role": None,
-            "auditee_uei": sac.general_information["auditee_uei"],
-            "auditee_name": sac.general_information.get("auditee_name"),
-            "certifier_name": None,
-            "email": None,
-            "report_id": report_id,
-            "errors": [],
-        }
-        if self.role != "editor":
-            try:
-                access = Access.objects.get(sac=sac, role=self.role)
-            except Access.DoesNotExist:
-                access = SimpleNamespace(
-                    fullname="UNASSIGNED ROLE", email="UNASSIGNED ROLE", role=self.role
-                )
-
-            context = context | {
-                "friendly_role": _get_friendly_role(access.role),
-                "certifier_name": access.fullname,
-                "email": access.email,
-            }
+        context = self.get_user_role_management_context(sac)
 
         return render(request, self.template, context)
 
@@ -88,7 +69,23 @@ def post(self, request, *args, **kwargs):
         report_id = kwargs["report_id"]
         sac = SingleAuditChecklist.objects.get(report_id=report_id)
         form = ChangeAccessForm(request.POST)
+        context = self.get_user_role_management_context(sac)
+
         form.full_clean()
+        if not form.is_valid():
+            context = (
+                context
+                | form.cleaned_data
+                | {
+                    "errors": form.errors,
+                }
+            )
+
+            for field, errors in form.errors.items():
+                logger.warning(f"Error {field}: {errors}")
+
+            return render(request, self.template, context, status=400)
+
         url = reverse("audit:ManageSubmission", kwargs={"report_id": report_id})
         fullname = form.cleaned_data["fullname"]
         email = form.cleaned_data["email"]
@@ -122,9 +119,9 @@ def post(self, request, *args, **kwargs):
                 "certifier_name": access.fullname,
                 "email": access.email,
                 "report_id": report_id,
-                "errors": [
-                    "Cannot use the same email address for both certifying officials."
-                ],
+                "errors": {
+                    "email": "Cannot use the same email address for both certifying officials."
+                },
             }
             return render(request, self.template, context, status=400)
 
@@ -141,6 +138,34 @@ def post(self, request, *args, **kwargs):
 
         return redirect(url)
 
+    def get_user_role_management_context(self, sac):
+        context = {
+            "role": self.role,
+            "friendly_role": None,
+            "auditee_uei": sac.general_information["auditee_uei"],
+            "auditee_name": sac.general_information.get("auditee_name"),
+            "certifier_name": None,
+            "email": None,
+            "report_id": sac.report_id,
+            "errors": [],
+        }
+
+        if self.role != "editor":
+            try:
+                access = Access.objects.get(sac=sac, role=self.role)
+            except Access.DoesNotExist:
+                access = SimpleNamespace(
+                    fullname="UNASSIGNED ROLE", email="UNASSIGNED ROLE", role=self.role
+                )
+
+            context = context | {
+                "friendly_role": _get_friendly_role(access.role),
+                "certifier_name": access.fullname,
+                "email": access.email,
+            }
+
+        return context
+
 
 class ChangeAuditorCertifyingOfficialView(ChangeOrAddRoleView):
     """
diff --git a/backend/report_submission/forms.py b/backend/report_submission/forms.py
index 7873a22c27..590f5c5714 100644
--- a/backend/report_submission/forms.py
+++ b/backend/report_submission/forms.py
@@ -127,7 +127,7 @@ class GeneralInformationForm(forms.Form):
         required=False,
     )
     auditee_phone = forms.CharField(required=False, validators=[phone_validator])
-    auditee_email = forms.CharField(
+    auditee_email = forms.EmailField(
         min_length=CHARACTER_LIMITS_GENERAL["auditee_email"]["min"],
         max_length=CHARACTER_LIMITS_GENERAL["auditee_email"]["max"],
         required=False,
@@ -172,7 +172,7 @@ class GeneralInformationForm(forms.Form):
         required=False,
     )
     auditor_phone = forms.CharField(required=False, validators=[phone_validator])
-    auditor_email = forms.CharField(
+    auditor_email = forms.EmailField(
         min_length=CHARACTER_LIMITS_GENERAL["auditor_email"]["min"],
         max_length=CHARACTER_LIMITS_GENERAL["auditor_email"]["max"],
         required=False,
diff --git a/backend/report_submission/templates/report_submission/step-3.html b/backend/report_submission/templates/report_submission/step-3.html
index 42913bc7dd..d284b37e6f 100644
--- a/backend/report_submission/templates/report_submission/step-3.html
+++ b/backend/report_submission/templates/report_submission/step-3.html
@@ -18,6 +18,9 @@
                     <p class="required-explanation">
                         <abbr title="required" class="usa-hint usa-hint--required">*</abbr> Indicates a required field.
                     </p>
+                    {% if errors %}
+                        <span class="usa-error-message" role="alert">There were errors when attempting to submit the form. Scroll down for more details.</span>
+                    {% endif %}
                     <fieldset class="usa-fieldset question"
                               aria-labelledby="certifying_auditee_contact_legend certifying_auditee_contact_instruction">
                         <legend id="certifying_auditee_contact_legend" class="usa-legend">
@@ -46,7 +49,8 @@
                                            aria-required="true"
                                            required
                                            data-validate-not-null=""
-                                           data-validate-length="<= 100 >= 2"/>
+                                           data-validate-length="<= 100 >= 2"
+                                           value="{{ certifying_auditee_contact_fullname | default_if_none:'' }}" />
                                 </div>
                             </div>
                             <div class="grid-row grid-gap">
@@ -74,7 +78,8 @@
                                                data-validate-not-null=""
                                                data-validate-email=""
                                                data-validate-must-not-match="certifying_auditor_contact_email"
-                                               data-validate-length="<= 340 >= 6"/>
+                                               data-validate-length="<= 340 >= 6"
+                                               value="{{ certifying_auditee_contact_email | default_if_none:'' }}" />
                                     </div>
                                 </div>
                                 <div class="tablet:grid-col-fill">
@@ -95,10 +100,14 @@
                                                aria-required="true"
                                                required
                                                data-validate-must-match="certifying_auditee_contact_email"
-                                               data-validate-length="<= 340 >= 6"/>
+                                               data-validate-length="<= 340 >= 6"
+                                               value="{{ certifying_auditee_contact_re_email | default_if_none:'' }}" />
                                     </div>
                                 </div>
                             </div>
+                            {% if errors.certifying_auditee_contact_email %}
+                            <span class="usa-error-message" id="certifying_auditee_contact_email-error-message" role="alert">Enter a valid email address.</span>
+                            {% endif %}
                         </div>
                     </fieldset>
 
@@ -130,7 +139,8 @@
                                            aria-required="true"
                                            required
                                            data-validate-not-null=""
-                                           data-validate-length="<= 100 >= 2"/>
+                                           data-validate-length="<= 100 >= 2"
+                                           value="{{ certifying_auditor_contact_fullname | default_if_none:'' }}" />
                                 </div>
                             </div>
                             <div class="grid-row grid-gap">
@@ -158,7 +168,8 @@
                                                data-validate-not-null=""
                                                data-validate-email=""
                                                data-validate-must-not-match="certifying_auditee_contact_email"
-                                               data-validate-length="<= 340 >= 6"/>
+                                               data-validate-length="<= 340 >= 6"
+                                               value="{{ certifying_auditor_contact_email | default_if_none:'' }}" />
                                     </div>
                                 </div>
                                 <div class="tablet:grid-col-fill">
@@ -179,13 +190,17 @@
                                                aria-required="true"
                                                required
                                                data-validate-must-match="certifying_auditor_contact_email"
-                                               data-validate-length="<= 340 >= 6"/>
+                                               data-validate-length="<= 340 >= 6"
+                                               value="{{ certifying_auditor_contact_re_email | default_if_none:'' }}" />
                                     </div>
                                 </div>
                             </div>
+                            {% if errors.certifying_auditor_contact_email %}
+                            <span class="usa-error-message" id="certifying_auditor_contact_email-error-message" role="alert">Enter a valid email address.</span>
+                            {% endif %}
                         </div>
                     </fieldset>
-                    
+
                     <fieldset class="usa-fieldset question"
                               aria-labelledby="auditee_contacts_legend dynamic_fieldset_instruction_auditee">
                         <legend id="auditee_contacts_legend" class="usa-legend">
@@ -255,6 +270,9 @@
                                     </div>
                                 </div>
                             </div>
+                            {% if errors.auditee_contacts_email %}
+                            <span class="usa-error-message" id="auditee_contacts_email-error-message" role="alert">Enter a valid email address.</span>
+                            {% endif %}
                         </div>
                         <template id="auditee_contacts-template">
                             <div id="auditee_contacts" class="grid-container auditee_contacts additional_contacts">
@@ -406,6 +424,9 @@
                                     </div>
                                 </div>
                             </div>
+                            {% if errors.auditor_contacts_email %}
+                            <span class="usa-error-message" id="auditor_contacts_email-error-message" role="alert">Enter a valid email address.</span>
+                            {% endif %}
                         </div>
                         <template id="auditor_contacts-template">
                             <div id="auditor_contacts" class="grid-container auditor_contacts additional_contacts">
diff --git a/backend/report_submission/test_views.py b/backend/report_submission/test_views.py
index d7b1c6d3ee..46f8d3fb25 100644
--- a/backend/report_submission/test_views.py
+++ b/backend/report_submission/test_views.py
@@ -385,8 +385,7 @@ def test_step_three_accessandsubmission_submission_fail(self):
 
         data = {}
         response = self.client.post(url, data=data)
-        self.assertEqual(response.status_code, 302)
-        self.assertEqual(response.url, "/report_submission/accessandsubmission/")
+        self.assertEqual(response.status_code, 400)
 
     def test_reportsubmissionredirectview_get_redirects(self):
         url = reverse("report_submission:report_submission")
@@ -777,7 +776,7 @@ def test_post_gsa_migration_error(self):
 
         self.assertIn("errors", response.context)
         self.assertIn(
-            "GSA_MIGRATION not permitted outside of migrations",
+            "Enter a valid email address.",
             response.context["errors"],
         )
 
diff --git a/backend/report_submission/views.py b/backend/report_submission/views.py
index 9cb23569d4..fcb2f53859 100644
--- a/backend/report_submission/views.py
+++ b/backend/report_submission/views.py
@@ -114,20 +114,17 @@ def get(self, request):
             args["step"] = 3
             return render(request, "report_submission/step-3.html", args)
 
-    # render access-submission form
-
-    # gather/save step 3 info, redirect to step ...4?
-    def post(self, post_request):
-        result = api.views.access_and_submission_check(
-            post_request.user, post_request.POST
-        )
+    def post(self, request):
+        result = api.views.access_and_submission_check(request.user, request.POST)
 
         report_id = result.get("report_id")
 
         if report_id:
             return redirect(f"/report_submission/general-information/{report_id}")
         else:
-            return redirect(reverse("report_submission:accessandsubmission"))
+            return render(
+                request, "report_submission/step-3.html", context=result, status=400
+            )
 
 
 class GeneralInformationFormView(LoginRequiredMixin, View):
diff --git a/backend/support/api/admin_api_v1_1_0/create_functions.sql b/backend/support/api/admin_api_v1_1_0/create_functions.sql
index 336b2e2ccf..b89b001186 100644
--- a/backend/support/api/admin_api_v1_1_0/create_functions.sql
+++ b/backend/support/api/admin_api_v1_1_0/create_functions.sql
@@ -126,7 +126,7 @@ BEGIN
         -- Are they already in the table?
         SELECT count(up.email) 
             FROM public.users_userpermission as up
-            WHERE email = params->>'email' INTO already_exists;
+            WHERE LOWER(email) = LOWER(params->>'email') INTO already_exists;
 
         -- If they are, we're going to exit.
         IF already_exists <> 0
@@ -146,11 +146,11 @@ BEGIN
             -- Can we make the 1 not magic... do a select into.
             INSERT INTO public.users_userpermission
                 (email, permission_id, user_id)
-                VALUES (params->>'email', read_tribal_id, null);
+                VALUES (LOWER(params->>'email'), read_tribal_id, null);
 
-            RAISE INFO 'ADMIN_API add_tribal_access_email OK %', params->>'email';
+            RAISE INFO 'ADMIN_API add_tribal_access_email OK %', LOWER(params->>'email');
             RETURN admin_api_v1_1_0_functions.log_admin_api_event('tribal-access-email-added', 
-                                                        json_build_object('email', params->>'email'));
+                                                        json_build_object('email', LOWER(params->>'email')));
         END IF;
     ELSE
         RETURN 0;
@@ -222,7 +222,7 @@ BEGIN
     THEN 
         -- Delete rows where the email address matches
         DELETE FROM public.users_userpermission as up
-            WHERE up.email = params->>'email';
+            WHERE LOWER(up.email) = LOWER(params->>'email');
         -- This is the Postgres way to find out how many rows
         -- were affected by a DELETE.
         GET DIAGNOSTICS affected_rows = ROW_COUNT;
@@ -230,7 +230,7 @@ BEGIN
         IF affected_rows > 0
         THEN
             RETURN admin_api_v1_1_0_functions.log_admin_api_event('tribal-access-email-removed', 
-                                                        json_build_object('email', params->>'email'));
+                                                        json_build_object('email', LOWER(params->>'email')));
         ELSE
             RETURN 0;
         END IF;
@@ -297,14 +297,14 @@ BEGIN
         SELECT EXISTS (
             SELECT 1 
             FROM public.dissemination_TribalApiAccessKeyIds
-            WHERE email = params->>'email'
+            WHERE LOWER(email) = LOWER(params->>'email')
         )
         INTO user_exists;
 
         -- If the user already exists, it means they have access.
         -- For purposes of this function, lets call that "succses", and return true.
         IF user_exists THEN
-            RAISE INFO 'ADMIN_API add_tribal_api_key_access ALREADY_EXISTS %', params->>'email';
+            RAISE INFO 'ADMIN_API add_tribal_api_key_access ALREADY_EXISTS %', LOWER(params->>'email');
             RETURN json_build_object(
                 'result', 'success',
                 'message', 'User with this key already exists')::JSON;
@@ -313,8 +313,8 @@ BEGIN
 
         -- If the user does not exist, add a new record
         INSERT INTO public.dissemination_TribalApiAccessKeyIds (email, key_id, date_added)
-        VALUES (params->>'email', params->>'key_id', CURRENT_TIMESTAMP);
-        RAISE INFO 'ADMIN_API add_tribal_api_key_access ACCESS_GRANTED % %', params->>'email', params->>'key_id';
+        VALUES (LOWER(params->>'email'), params->>'key_id', CURRENT_TIMESTAMP);
+        RAISE INFO 'ADMIN_API add_tribal_api_key_access ACCESS_GRANTED % %', LOWER(params->>'email'), params->>'key_id';
         RETURN json_build_object(
             'result', 'success', 
             'message', 'User access granted')::JSON;
@@ -328,7 +328,7 @@ BEGIN
     END IF;
 
     -- Return false by default.
-    RAISE INFO 'ADMIN_API add_tribal_api_key_access WAT %', params->>'email';
+    RAISE INFO 'ADMIN_API add_tribal_api_key_access WAT %', LOWER(params->>'email');
     RETURN json_build_object(
         'result', 'failure', 
         'message', 'Unknown error in access addition')::JSON;
@@ -352,20 +352,20 @@ BEGIN
         SELECT EXISTS (
             SELECT 1 
             FROM public.dissemination_TribalApiAccessKeyIds
-            WHERE email = params->>'email'
+            WHERE LOWER(email) = LOWER(params->>'email')
         )
         INTO user_exists;
 
         -- If the user exists, remove the record
         IF user_exists THEN
             DELETE FROM public.dissemination_TribalApiAccessKeyIds
-            WHERE email = params->>'email';
-            RAISE INFO 'ADMIN_API remove_tribal_api_key_access ACCESS_REMOVED %', params->>'email';
+            WHERE LOWER(email) = LOWER(params->>'email');
+            RAISE INFO 'ADMIN_API remove_tribal_api_key_access ACCESS_REMOVED %', LOWER(params->>'email');
             RETURN json_build_object(
                 'result', 'success', 
                 'message', 'Removed record')::JSON; 
         ELSE
-            RAISE INFO 'ADMIN_API remove_tribal_api_key_access DID_NOT_EXIST %', params->>'email';
+            RAISE INFO 'ADMIN_API remove_tribal_api_key_access DID_NOT_EXIST %', LOWER(params->>'email');
             RETURN json_build_object(
                 'result', 'failure', 
                 'message', 'User did not exist in table')::JSON;
@@ -376,7 +376,7 @@ BEGIN
             'result', 'failure', 
             'message', 'Admin user lacks DELETE permissions')::JSON; -- Return false if the API user doesn't have read permissions
     END IF;
-    RAISE INFO 'ADMIN_API add_tribal_api_key_access WAT %', params->>'email';
+    RAISE INFO 'ADMIN_API add_tribal_api_key_access WAT %', LOWER(params->>'email');
     RETURN json_build_object(
         'result', 'failure', 
         'message', 'Uknown error in access removal')::JSON;
diff --git a/docs/testing.md b/docs/testing.md
index d480e1dd3f..43f56f3391 100644
--- a/docs/testing.md
+++ b/docs/testing.md
@@ -17,6 +17,7 @@ We use [Django's test execution framework](https://docs.djangoproject.com/en/4.0
   - [Linting](#linting)
 - [End-to-end testing](#end-to-end-testing)
   - [Testing behind Login.gov](#testing-behind-logingov)
+- [Admin API testing](#admin-api-testing)
 
 ## Packages
  - [model_bakery](https://model-bakery.readthedocs.io/en/latest/), to help create data and instances within our tests
@@ -184,3 +185,30 @@ in files in [backend/cypress/e2e/](/backend/cypress/e2e). To run these tests:
  Github repository. To use them in a Github Actions workflow, use the [Github
  Actions secrets
  store](https://docs.github.com/en/actions/security-guides/encrypted-secrets)
+
+# Admin API Testing
+For interfacing the admin API locally, we will need to account for a few things.
+
+## Resources
+
+For communicating with the Postgrest API, you could use one of the following extensions if you are using Visual Studio Code:
+- [REST Client](https://marketplace.visualstudio.com/items?itemName=humao.rest-client)
+- [Postman](https://marketplace.visualstudio.com/items?itemName=Postman.postman-for-vscode)
+
+Though keep in mind you should be able to use whatever API service you prefer to run.
+
+## Checklist
+
+1. When running `docker compose up`, make sure the `web-1` service completes the startup procedures.
+    - E.G., `STARTUP STARTUP_CHECK seed_cog_baseline PASS` should be one of the last startup logs. If this passes, then the API tables are up.
+2. Make sure you prepare your request headers with the following:
+    - `Authorization: Bearer {JWT}` is important for authenticating your requests.
+    - `x-api-user-id: {uuid}` should be populated with a user ID from the `support_administrative_key_uuids` table. You can create your own row in this table for local testing purposes.
+    - `x-api-key: {key}`
+    - `content-profile: {api-version}` is required for POST requests.
+    - `accept-profile: {api-version}` is required for GET requests.
+    - `Prefer: params=single-object` is needed for the API to read your payload. In most if not all cases, it is set to `params=single-object`.
+
+## "Cheat-sheet" for testing
+
+We have a `.rest` file in `/backend/support/api/admin_api_vX_X_X` that contains many of the admin API endpoints, as well the headers/parameters/payload that are needed to run it successfully.