Single Sign-On

Worklytics supports the following Identity Providers (IdP) as Single Sign-On (SSO) methods:

Users with the SecurityAdmin role may configure these via the Organization Settings > Single Sign-On section of the Worklytics Web App.

Google Identity and Microsoft Entra ID work in a similar way: once you select any of these, in the configuration flow, you'll be redirected to the corresponding login page to authenticate, and you will be asked for some permissions. After that, you'll be redirected back to Worklytics and the setup is complete.

Okta and SAML require some additional configuration; please refer to the specific documentation for all the details: Okta, and SAML.

Important Notes

Verified SSO Domains

When selecting an IdP for your organization, it's crucial to ensure that user identities are linked to a verified SSO domain. This domain must be associated with your organization's account in Worklytics. For security reasons, Worklytics manages this setting internally, and it is established during the account provisioning process.

For example, if your organization was provisioned with acme.com as one of the verified SSO domains, and any of your SecurityAdmin users attempt to configure an IdP that will provide user identities with emails from a different domain (e.g. user@foo.com), you'll get an error.

If you need to change the verified domains setting, please contact Worklytics Support.

SSO restrictions

All organizations in Worklytics need to configure at least one SSO method.

Once your organization's account has been provisioned, and you've received a One-Time Password (OTP) link, you should set up at least one SSO method. If you configure it incorrectly, or you want to switch to another provider, you'll need to set up a new SSO method before disabling the initial one. This restriction ensures that your organization does not lose access to the Worklytics Web App and minifies the risk of handling OTP links.

SAML is the only exception to this rule: Worklytics only supports one SAML IdP per organization, so you can change its configuration at any time.

PreviousAccess ControlNextOkta

Last updated

Company

AboutSecurityPrivacy PolicyTerms of Service

Resources

BlogIntegrationsService StatusSupport

© Worklytics Co.