Single sign-on (SSO) authentication allows users to authenticate via their organization's third-party identity provider (IDP) and gain access to a different system by providing proof of their authentication.
For you, this means that you can delegate Dashboard team management, account creation, and authentication to a third-party IDP.
You can use any identity provider to enable SSO with Dashboard, as long as they support Security Assertion Markup Language 2.0 (SAML).
You can use SSO to:
- Sign in to Dashboard directly through your SSO platform's portal.
- Grant, update, and revoke your team's Dashboard access.
- Mandate your organization's security policies, such as multi-factor authentication, password policies, and account recovery procedures.
Enabling SSO authentication in Dashboard can simplify user management, as user access and permissions are granted or revoked automatically based on the user's identity and assigned groups in your SSO platform.
In addition, as you can mandate and enforce authentication standards directly from the SSO platform, you can increase security around your Dashboard access.
There are some limitations to be aware of if you decide to enable SSO for Dashboard.
Dashboard relies on the SSO service to provide user access and role information during authentication, meaning Dashboard is unaware of any changes in a user's permissions until they attempt to log in.
If a user's access is revoked via SSO, this will not be reflected in the Dashboard UI until a login attempt is made. This solely affects the UI, at no point will a user with access revoked within your IDP be able to access Dashboard.
System for Cross-domain Identity Management (SCIM) protocol, used to synchronize user identity details and permissions with applications, is not currently supported.