Single Sign-On (SSO)
This feature is only available for the enterprise plan.
The user has to enter an e-mail address associated with a company that has SSO activated. If the address is verified, the user is redirected to the SSO provider that handles the SSO for the company.
Only one SSO configuration is possible for one domain.
Image CaptionImage alt text
The company admin can activate SSO in the Settings > Company Profile.
By default SSO is inactive. Clicking on Manage SSO opens the configuration panel.
A metadata file provided by the identity provider (e.g. Google) of the company has to be uploaded. Normally every identity provider provides an export of a metadata file for SSO.
You can specify domains that are treated in a special way.
The domains have to be verified by an e-mail address of these domains.
You can have normal e-mail and password and SSO login active in parallel. This is recommended until you properly tested that SSO works. If you turn on "Require SSO login for all users from these domains", all users, including admins will have to use SSO login and it won't be possible to access the cloud if SSO is not working properly.