Single sign-on (SSO) enables access to your Redox dashboard account using a third-party identity provider, allowing you to control user access policies via a central resource for your organization. Redox supports identity providers compatible with the SAML protocol.
With SSO, a user from your organization enters their email on the dashboard login page, which then redirects them to your identity provider for authentication. If successfully authenticated, they are redirected back to the dashboard as a logged-in user.
For our Basic plan customers, SSO isn't available. Talk to a Redoxer if you're interested in upgrading to take advantage of SSO.
For our Standard (and above) plan customers, SSO is enabled by default. But SSO is only available to dashboard users that belong to one dashboard organization. If your organization has users that are part of multiple organizations, they must remove themselves or transfer access to a different Redox account before using SSO.
For Standard (and above) customers, an organization owner can follow these steps to turn on SSO:
If you're not an organization owner, the toggle option won't be available. Instead, the Single Sign-On section displays a warning that says you must be an organization owner to manage SSO.
If you use Okta for your IDP, you can use the instructions after this section to configure Okta for SSO.
After SSO is enabled, any new user who successfully authenticates via your identity provider is added to your organization. Existing users of your organization may not join another Redox organization.
Lastly, keep in mind that user access may be revoked from your identity provider.
Follow the instructions for your given IDP to enable SSO. For your convenience, we have instructions for: