As an account owner or administrator, you can ensure users sign in to your account securely with SSO. Whether you want to implement SSO for all or some users depends on your security requirements and users.
Important
Your users must select Use this account for SSO in the Security tab of their account profile (if it isn't already selected). Then, when your users sign in, the credentials of the account are matched with the SSO provider account for secure access.
For existing platform users, you can inform them about enabling the setting when you're planning to implement SSO.
- A new user (first-time platform access): When you're inviting and requiring SSO for a user who is accessing the Celigo platform for the first time, let's say, a new employee to your organization's account, then Use this account for SSO is automatically selected for the user. There is no action required by the user.
- An existing platform user: When you're inviting and requiring SSO for an existing user (including a free trial user) to your account, the user must click the invitation link to sign in using email ID and password. If Use this account for SSO is not selected, they should select it before signing out.
- Existing SSO user: A user can belong to multiple accounts, and each admin or owner can require SSO for each account. However, a user can only sign into the account that is currently selected as the value for Use this account for SSO. To view another account, the user would have to reset the account selection or request optional SSO access.
You must enable Require SSO for each user individually. However, if you're inviting multiple (new) users to the same role in a single invitation, then you can enable SSO for them together.
- Sign in to the Celigo platform with account owner or administrator credentials.
- Open the avatar at the top right, and choose Users. The Users tab opens. (The tab is visibie only to account owners and administrators.)
- Based on whether you want to require SSO sign-in for an existing user or a new user, follow these steps:
- For existing users, in the Users list,
- Select any users.
- Turn on the toggle in the Require account SSO? column.
- For new users, from the top right corner, click + Invite user.
-
In the Invite user form, enter the user’s email ID. (You can invite multiple users to the same role in a single invitation.)
- Select the role and permissions for the user. If you want to get a better understanding of roles and permissions, see manage account and integration permissions.
- Enable the Require SSO setting.
-
Click Invite.
Now, when you view the list in the Users tab, you'll see the user has been added to the list and Require account SSO? is enabled as shown.
The new account user must select this account for SSO (if it's not automatically set) and successfully sign in. Then the following SSO field gets updated in the dashboard.
-
- For existing users, in the Users list,
| Column (read-only) | What it means… |
|---|---|
| Account SSO Linked? | This column indicates whether the user has successfully signed in to the Celigo platform using the account SSO. When the user has successfully signed in to the account with SSO, then the field displays yes. Otherwise, the field displays no. |
Tip
You can use APIs to view and update user access.