Skip to content
English
  • There are no suggestions because the search field is empty.

Using Single Sign On (SSO) With Your Site

All users can create an account on any Findhelp site. However, your organization can authorize users on your site to gain additional functionality and report access. Single sign-on (SSO) functionality allows your organization to automatically create user accounts upon a user’s first site access and assign them to a group automatically. SSO also enables authorized users to log in using credentials (username and password) from another system, providing a seamless login experience. This feature is only available to Enterprise and Enterprise + customers.

Site Administrators and Group Managers can use the User and Group Management tool to assign user permissions and organize users into groups on your site.

Setting Up Users and Groups

When a user accesses your site for the first time using SSO, their account is created automatically without manual intervention, as long as the required user information is sent from your Active Directory system to your Findhelp site.

Configure Single Sign-On

Various attributes from your Active Directory system can be passed to your Findhelp site to create user accounts. The required attributes are Email, Name ID, First Name, and Last Name, while optional attributes, like Title, Department, and Group, can be configured as desired.

Work with your Active Directory Administrator and Customer Success Manager to ensure all necessary and optional attributes are passed from your Active Directory to your Findhelp site.

Initial Group Setup with SSO

With SSO enabled, a user’s group may be automatically assigned through the “group” attribute upon first access. Groups within your site can be created based on a field in your organization’s Active Directory or a static group can be assigned to all users.

SSO can only assign one group to a user automatically. Users can belong to multiple groups, but any additional groups must be manually created and assigned by a Site Administrator or Group Manager.

Assigning Groups Automatically

Depending on your Active Directory setup, you can map an attribute to assign a specific group to users based on that attribute. Work with your Active Directory Administrator to determine which, if any, attributes should guide group assignment.

Configure the Group Attribute for SSO

Coordinate with your Active Directory Administrator and Customer Success Manager to ensure the correct “group” attribute is passed for each relevant group from Active Directory to your Findhelp site.

(Optional) Enable Team Navigation

By default, groups created via SSO do not have Team Navigation enabled. Work with your Customer Success Manager to enable Team Navigation for SSO-created groups.

Removing Users

When a user tries to log in through SSO, a request is sent to your Active Directory to validate their information. If a user’s account has been removed or deactivated in your Active Directory, no further action is needed on your Findhelp site to remove them, as they will not be able to log in.

Optionally, you may manually deactivate these accounts in your Findhelp User and Group Management tool. This can help you keep track of currently active users on your site.