Help Center

Menu

Use your organization’s single sign on to authenticate users

Single sign-on to the Squiz DXP can be configured to use your single sign-on service, if you are using a compatible external SAML 2.0 identity provider (IdP).

The integration provides the following:

  • Users from your organization can be sent a Squiz DXP login invitation using the standard process for inviting a user.

  • Any users from your organization that have accepted an invitation will be authenticated using your configured single sign-on service.

  • If a user is removed from your single sign-on service they will no longer be able to log in to the DXP.

  • Your single sign-on service is only used to authenticate a user.

  • Users in your directory are not automatically created within your DXP service, you must manually invite users.

  • DXP user roles must be managed from within the DXP and are usually assigned when you invite a user to the DXP.

How do I get single sign-on set up?

Single sign-on using your own service can be arranged by contacting your Customer Success Manager.

You will need to provide details for your service including:

  • Your domain (this must match domain part of your username - the bit after the @ symbol. e.g. if your user login is john@example.com then the domain you would use would be example.com).

  • Metadata URL of your identity provider.

Your Customer Success Manager will organize to get the integration set up.

What happens after my single sign-on service is activated?

  • After your service is activated, any users that have logins that match your domain will now be authenticated using your single sign-on provider.

  • As long as your existing DXP users match the users in your single sign-on system then the only difference for your users will be that they now need to sign-in using the password (or 2FA) associated with your single sign-on. Once signed in to the DXP their experience should be identical to before.

  • If your current usernames are different to those used in the DXP then you will need to send invitations to all your users and register them again in the DXP.

What if my IdP isn’t supported?

The integration currently supports SAML 2.0, which will cover most commonly used SSO providers.

If your service isn’t currently supported, please get in touch with your Customer Success Manager to discuss your requirements and we will consider extending our support on a case-by-base basis.