Question: What SSO platforms does 10KC support?
Answer: We support almost all major SSO platforms, including:
- Microsoft Azure AD
- Microsoft ADFS
- Microsoft OAuth
- Okta
- Oracle
- OneLogin
- PingFed
- ADP
- Auth0
- CAS
- CyberArk
- Duo
- JumpCloud
- KeyCloak
- LastPass
- Login.gov
- miniOrange
- NetIQ
- Rippling
- Salesforce
- Shibboleth
- VMWare
If your customer/prospects SSO platform is NOT on the list, we maybe still be able to support their SSO platform if it uses the SAML protocol or OpenID Connect protocol.
Question: Does 10KC support more than one Single-Sign-On connection per tenant?
Answer: Yes! Simply follow setup steps for each SSO connection you want to create. Once done setup on your side, contact product support so we can enable additional SSO buttons on your login page.
Question: A user received a login error with SSO. How can we help?
Answer: 99% of the time the customer’s SSO admin will need to make a change in their SSO platform. We usually need to ask them to add the user to the user group which has access to 10KC in their SSO platform. You should share the error with the SSO admin and request their help to grant access to the affected user.
Question: Can we convert a tenant to SSO only and disable any passwordless login links?
Answer: Yes! Please note your CSMs will need to access the tenant using Super Admin Mode if the tenant is converted to SSO only. You can convert a tenant to SSO only by navigating to the Tenant Admin section and then going to the "Security & Login" section. Next, make sure you the "enable email login" switch is turned OFF, and "enable SSO login" and "enable SSO signup" are turned ON.
Question: Which users should be granted access to 10KC via SSO?
Answer: We recommend all employees as specified in the contract with 10KC. Typically, we see customers add “all full-time employees”, in order to keep maintenance costs low for HR IT.
Question: Is it possible to exclude certain employees from accessing 10KC using SSO?
Answer: Yes! HR IT can manage accounts and access through rules they setup in their SSO platform. They’ll need to update their user group in their SSO platform to exclude employees. This is a standard procedure for them to do, and the major benefit of using SSO for HR IT; being able to control who has access.
Comments
0 comments
Please sign in to leave a comment.