Setting up single sign-on.

How to require your users to authenticate into Employee Community using their single sign-on credentials.

Rachel Kaplowitz avatar
Written by Rachel Kaplowitz
Updated over a week ago

The features described below are only available to Employee Community admins. If you have questions about who can or cannot see these settings, please don't hesitate to send us a note. We'd be happy to help!

If your team is using a single sign-on (SSO) SAML provider like OneLogin, Okta, Bitium, G Suite, or Ping Identity, you can require that your team members use their SSO credentials to create and log in to their accounts. This requirement is especially helpful as it...

  • Simplifies user credentials — your team members will not have to create and remember a separate Employee Community password. 

  • Makes user management easier — when team members leave your company, they will lose access to Employee Community the moment their SSO account is shut down.

Configure single sign-on.

  1. Click the gear icon at the top of your navigation menu and select Admin from the menu.  

  2. Then, click Single Sign-On in the menu. 

  3. Use the configuration fields to set up your single sign-on integration. To complete this, you will need some information from your SSO provider's admin panel. 

  4. Once you're happy with your setup, toggle on Enable Single Sign-On? at the bottom of the page. 

Next, require your users to use SSO.

Now that you've enabled your single sign-on integration, you'll need to require your users to use it. To do so, we'll need to require all users who are signing up/in with your company's domain to use SSO. Here's how...

  1. Click the gear icon at the top of your navigation menu and select Admin from the menu.  

  2. Then, click Domains in the menu. 

  3. If you do not see your company's email domain listed on the side of the page, use the Add a Company Domain section to add your domain(s). 

  4. Once you see your domains listed on the side of the page, click the lock icon next to the domain(s) for which you'd like to require single sign-on. 

  5. From the lock icon dropdown menu, select Require SAML.

Once this requirement is set, all users who sign up for Employee Community or sign in to Employee Community with your company domain(s) will be required to authenticate with their single sign-on credentials. 

Did this answer your question?