As an Enterprise Plan customer, you can enable your members to sign-up and sign-in to your Pathwright account using the same credentials that they use to access your organization's network.
This power feature reduces password fatigue, increases security, and provides a more seamless experience for all your members.
Pathwright supports SSO using SAML 2.0 — a modern SSO protocol widely supported by many authentication providers, including Google G Suite, Microsoft Azure, and Auth0. We also support SSO through OpenID Connect.
SSO, short for "single sign-on," allows your members to sign in to your Pathwright account with an existing email and password authenticated through another service.
Set up SSO on your Pathwright account in 3 steps:
Verify that the login system you'd like to use supports one of the SSO methods listed above (contact us if you're unsure).
Let us know if you're ready to implement SSO, and we'll be in touch with the setup steps. Setup usually takes between 2 and 5 business days.
If you're exploring implementing SSO, check out further information under Tips for setting up & supporting SSO.
Once SSO is implemented on your account, here's how it works.
Q. What happens when an existing user logs in with SSO for the first time?
A. When existing members use the new SSO option, their existing account will be automatically linked to the identity provider and they'll be logged in (provided the email addresses match exactly).
Q. What happens when someone creates a new Pathwright account using their SSO login?
A. When new members use the new SSO option to create an account, we'll automatically sign them in and also create a Pathwright member account in the background with a randomly generated password. This password won't be visible to the member under your Pathwright account. However, if the member signs into a separate Pathwright Account that does not use your SSO provider, they'll need to login with their email and use the "forgot password" option to reset their randomly-generated password.
Q. How does someone using an SSO login update their name or email address on Pathwright?
A. If an existing member who uses SSO needs to update their name and/or email address, this should be handled first by the SSO provider. When the user logs out and logs back in, the changes will sync with their Pathwright account. They will not be able to make these changes directly in their Pathwright profile settings.
Occasionally, the situation will come up where the update cannot be completed because the new email address is already in use in the Pathwright system (the user has already created a second Pathwright account under the desired email address). If you need help getting this issue resolved, please contact us and we'll be happy to help.