We support SSO through SAML 2.0 (a modern SSO protocol widely supported by many authentication providers including Google G Suite, Microsoft Azure, and Auth0) and OpenID Connect. We can also evaluate requests for SSO with another method, but this may require custom development and must be considered case-by-case.
SSO, short for "single sign-on," allows your members to sign into your Pathwright account with an existing email and password that's authenticated through another service.
Setup SSO on your Pathwright account in 3 steps:
- Verify that the login system you'd like to use supports one of the SSO methods listed above (contact us if you're not sure).
- If you're not on the Enterprise Plan, you'll need to upgrade to the Enterprise Plan in order to setup SSO for your account or request SSO as an "add on" to your existing plan for an additional fee. If you'd like to upgrade your plan, contact us.
- Let us know that you're ready to implement SSO, and we'll be in touch with the setup steps. Setup usually takes between 2 and 5 business days.
Once SSO is implemented on your account, here's how it works:
- When existing members use the new SSO option, their existing account will be automatically linked to the identity provider and they'll be logged in.
- When new members use the new SSO option to create an account, we'll automatically sign them in and also create a Pathwright member account in the background with a randomly generated password. This password won't be visible to the member under your Pathwright account. However, if the member signs into a separate Pathwright Account that does not use your SSO provider, they'll need to login with their email and use the "forgot password" option to reset their randomly-generated password.
- If an existing member needs to update their name and/or email address, this should be handled first by the SSO provider. When the user logs out and logs back in, the changes will sync with their Pathwright account.
If you're exploring implementing SSO, check out Tips for setting up & supporting SSO.