1. WorkSpan
  2. Managing Data in WorkSpan
  3. Security & Privacy

Set up Single Sign-On for your organization

Follow
Avatar
Prerana Gupta
Created . Last Updated

Overview

SSO provides a secure and convenient way for users to log in to WorkSpan without having to remember an additional password. It also enables the company’s IT Administrator to centrally manage user access for the employees. 

Available SSO Options:

  1. Password Login
  2. Google SSO
  3. Microsoft  SSO
  4. SAML SSO
  5. OpenID Connect
  6. Partner SSO

 Note: Only the company administrators have access to set up SSO.

Accessing the SSO Setup Page

Step 1: Sign in as an Administrator to the WorkSpan App.

Step 2: Click on “My Company Profile” in the top right corner. You’ll be taken to the “About” page under “My Company”

Step 3: Click “Security Policies.”

Managing Enterprise Single Sign-On (SSO) options

Enabling Password Login

Step 1: Go to the "Authentication” tab to access all the SSO options. Click on “Enable Password Login” and click “Save.”

Description

Enabling Google SSO

Step 1: On the SSO setup page, select “Enable Google SSO”.
Step 2: To also allow login with email/password, select “Allow Password Login”.

Step 3: Click “Save”.

 Note: Sign out of WorkSpan and click on “Sign in with Google” to test the Google SSO.

Enabling Microsoft SSO (Microsoft Azure SSO)

Step 1: On the Security Policies page, select “Enable Microsoft SSO” and select “Allow Password Login” if needed.
Step 2: Click “Get Tenant ID” and sign in with your Microsoft credentials. The Tenant ID field will auto-populate.
Step 3: Click “Save”.

 Note: Sign out of WorkSpan and click on “Sign in with Microsoft” to test Microsoft SSO.

Enabling SAML SSO

Setting up SAML-based Single Sign-On (SSO) allows your team to log in using your organization's identity provider (e.g., Okta, Azure, Microsoft), enhancing security and simplifying access.
The company’s IT admin enables SAML SSO and takes no more than 10 minutes to configure.

Adding a new SAML Configuration

If this is your first time setting up SAML, you will see a button labeled "Add SAML Configuration" on the Enable SAML pane. This is a one-time setup process.

Step 1: Click "Add SAML Configuration". A form will appear prompting you to enter the required SAML details. This step will be completed by the WorkSpan team

To configure SAML, you will need three key pieces of information from your IT or Identity Provider (IdP):

  • Entity ID: A unique string that identifies your IdP (Provided by WorkSpan).
  • SSO URL: A dedicated endpoint for handling SAML authentication.
  • Certificate: As the communication is encrypted between your application and your Identity provider, the Identity provider's public key is required in order to decrypt any incoming message.

After adding all the configurations, click on “Save.” If the entered values are correct, “ProviderID” will be auto-generated by the WorkSpan team.

 Note: These values are usually shared by WorkSpan to your IT administrator. Be sure to collect them before starting setup.

Editing the SAML Configuration

Step 1: To edit the configuration, click on the “Edit” button to see the details and then click “Save”.

 Note: Ensure to collect the field values from WorkSpan team before editing the existing SAML configuration.

Testing SAML Configuration

Step 1:  Click “Test Connection” to validate the setup. On success, the SSO login screen (e.g., Okta) will appear. Enter your credentials and click “Sign In”.

On successful connection, you will get the SSO login screen (Let’s say Okta is the provider here).

Step 2: Now, enter the login credentials and click on “Sign In”.After setup and testing are complete, SSO will work seamlessly for all users with no need to repeat the configuration steps.

 Note: If the testing fails, you won’t be able to save the SAML settings.

Enabling OpenID Connect (OIDC) 

This allows users to sign in once (via a trusted service provider like Microsoft, Google, or Okta) and access multiple applications without needing to create new usernames or passwords.

Step 1: On the SSO setup page, select “Enable OpenID Connect”.

Step 2: The "SSO URL for OIDC" will be automatically populated. The "Provider ID for OIDC" which is required to test the connection must be generated in advance by WorkSpan

 Note: To generate Provider ID, contact WorkSpan team or drop an email at Support@WorkSpan.com

Step 3: Click “Test Connection” to validate the setup. On success, the SSO login screen (e.g., Okta) will appear. Enter your credentials and click “Sign In”.

Using Partner SSO Access for Your Company Users

This setting in WorkSpan allows your company’s users to log in via SSO even when accessing partner-shared content. For example, let’s say your company is collaborating with a partner on WorkSpan. The partner owns the workspace. When this setting is enabled, your team can access that workspace using your SSO, not the partner’s login method.

Step 1: Click on the dropdown to select the type of object that you want to enable for your team to access. You can also add multiple Partner SSO by clicking on the “Add Partner SSO” button.

Step 2: Once done, click “Save”.

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.

In this Article

    Related Articles