How to Set Up Single Sign-on

In this article, we're going over the definition of Single Sign-on (SSO), its use, and its benefits. SSO can be set up by a Team owner or an Admin from the Team Settings panel. If you wish to learn more about Roles & Rights, please visit this article.

What is Single Sign-on?

Single sign-on (SSO) is an authentication method that allows users to securely log into multiple applications and websites using a single set of credentials through an identity provider. So, instead of logging into each of your apps, you can log into one workspace and access all available tools.

How does Single sign-on work?

SSO operates based on trust between a service provider and an identity provider. It relies on the two parties exchanging digital certificates to function. This certificate can validate the information passed from the identity provider to the service provider, allowing the provider to confirm the source's identity.

At Creatopy, we offer two identity provider protocols, OpenID and SAML 2.0.

What are the benefits of using SSO?

An SSO authenticator is accompanied by a variety of benefits, such as:

• Improve password policy.
• Reduce password fatigue.
• Decrease password management load.
• Dampen password-related incidents involving the IT department.
• Boost overall productivity due to faster logins and fewer lost passwords.
• Centralize the organization's control across all systems.
• Diminish the risk of data breaches due to relocating ID/authentication data off-premises.
• Allow users to access their applications more quickly.

How to Enable Single Sign-on

Before you set up your SSO, you will need to enable it by following the steps below.

1. Go to Manage account.
2. Go to Single sign-on, located under Team Settings on the left side panel.
3. Click Enable SSO.
4. Select the SSO protocol you wish to proceed with:
   • OpenID
   • SAML 2.0
5. Click Set up.

How to Configure OpenID

You will first need to connect your domain and our application for the OpenID configuration. To do this, follow the steps below.

1. Click Copy TXT records and add them to your domain host's DNS records.
2. Paste your URL and click Add domain to validate the field.
3. Insert the Sign-in redirect URI redirect provided by your identity provider.
4. Insert the Sign-out redirect URI redirect provided by your identity provider.
5. Insert the Client ID.
6. Insert the Client Secret.
7. Paste the Autoconfig URL.
8. Click Test connection & finish setup.

How to Configure SAML 2.0

Similar to the OpenID, you'll need to establish a connection between your domain and Creatopy by following these steps:

1. Click Copy TXT records and add them to your domain host's DNS records.
2. Paste your URL into the Add domain to validate the domain.
3. Copy & paste the Single sign-on service URI to your Identity Provider.
4. Copy & paste the Service Provider Entity ID to your Identity Provider.
5. Paste the URL of the Autoconfig file provided by the Identity Provider.
6. Once done, click Test connection & finish setup.

If you'd like your team to go back to using Creatopy's built-in authentication system, you can remove the single sign-on (SSO) integration. When SSO is turned off, all team members will sign in using their email address and Creatopy password. To remove it, access Single Sign-on from Team Settings, scroll down to the bottom of the page, and click Remove this integration.