|
Classic file types are no longer available for use as of January 2021. You can transition your classic files or download a PDF. Learn More

Workiva Support Center

Access SAML single sign-on

Access SAML single sign-on

  • Last updated on
Related to sso

Org Security Admins can force single sign-on (SSO) to add an extra layer of security to an organization and workspaces. You can set up and maintain SSO using URLs for external provisioning.

Workiva supports both SP and IdP settings using SAML 2.0. Single sign-on is established and restricted to the users of that account. Workiva allows external authentication, however authorization is administered within Workiva.

There are two basic options for SSO authentication:

  • Force users to sign in using SSO (Recommended): Non-admin users are forced to sign in using SSO, while Org Security Admins may continue to sign in using their username and password.
  • Force Org Security Admins to sign in using SSO: Organization Security Admins are forced to sign in using SSO.

If needed, you can designate specific users to allow them to sign in without using SSO. This is helpful when people in different departments, consultants, or those outside your company need access to Workiva. To learn more, see the Add users to and manage the SAML single sign-on exceptions list Workiva Support page.

 

Access SSO settings

To access and manage SAML single sign-on settings:

  1. In the top right, click the user icon and select Organization Admin from the Admin dropdown.
    org admin option
  2. Go to Identity & access management > Authentication > SSO configuration.
    SSO configuration page

You can assign someone as an Org Security Admin from your Identity Access Management (IAM) or Information Technology (IT) teams. Then, they can then help set up SSO and ensure settings meet any company requirements.

Setting someone as an Org Security Admin only provides access to the security settings for authentication and SSO. It does not allow access to documents or data in Workiva.

To learn how to assign an organization role, see Update an organization role.

 

Gather SSO requirements

To gather requirements for your configuration and to test your setup, you can enable SAML in your organization before you require users to use it to sign in. By only enabling SAML, this allows you to gather what you need and does not impact users signing in.

If you need assistance setting up SSO, refer to these steps or you can contact Workiva Support

What's next?

 

Was this article helpful?
8 out of 12 found this helpful
Org Security Admins can force single sign-on (SSO) to add an extra layer of security to an organization and workspace...