Whether you're an Azure AD, Google Workspace, Otka, Auth0 user, or any app employing the SAML and OIDC protocols, we've got you covered to ensure secure access for all your team members.
Please note: Enterprise SSO is available as a paid add-on for both our Standard and Pro plans for. The add-on is $150/m ($1,800/y). To start, reach out to our sales team at [email protected].
Setting up Enterprise SSO
Log in to your Simplesat account and navigate to the Authentication security page within Admin settings.
Click on the 'Configure SSO' option. You will be led to a new tab where you'll be prompted to select your identity provider or opt for custom SAML or OIDC configurations.
After you go through the given instructions and complete the setup, our system will run a connectivity test to ensure everything's working. Do note that, depending on your chosen IdP, changes can take anywhere from a few minutes to 24 hours to come into effect.
If a test returns an error, give it a few minutes and try again. If you continue to experience issues, please reach out to Simplesat support or your IdP's helpdesk.
Using the Authorization URL
With the Authorization URL at hand, team members can instantly create their Simplesat accounts.
This not only streamlines the onboarding process but also eliminates the need for individual invitations.
Accounts made using JIT provisioning will be given the 'Collaborator' role by default, devoid of survey access. Adjustments can be made later via the Users page.
Implementing SSO enforcement
Here's how you can apply SSO within your organization:
Total Enforcement: Ideal for those using the Enterprise SSO feature across the board. This means all users, except those manually deactivated (see below for more details), must access your Simplesat account via Enterprise SSO.
Flexibility in Access: The 'It's optional' setting means users can choose their login method - social SSO, username/password, or enterprise SSO.
Managing individual user settings
With Enterprise SSO activated, you can quickly gauge the enforcement status of each user by visiting the Users page and checking the 'Authentication' column.
If you need to disable SSO enforcement for a specific user, simply edit their profile and select the 'Disable SSO enforcement' checkbox.
Even if you modify the global settings later on, this individual preference will remain unchanged.
Deactivating or removing the feature
Should the need arise, you can reset the connection to either change your IdP or entirely disconnect the settings from your Simplesat profile.
And, if you ever decide to stop using the feature, just shoot a message to Simplesat's support team, and we'll handle the rest.