Classic file types are no longer available for use as of January 2021. You can transition your classic files or download a PDF. Learn More

Workiva Support Center

Access SAML single sign-on

Access SAML single sign-on

  • Last updated on

Org Security Admins can enable single sign-on (SSO) to add an extra layer of security to an organization and workspaces. You can set up and maintain SSO using URLs for external provisioning.

Workiva supports SP and IdP settings, using SAML 2.0. Single sign-on is established and restricted to the users of that account. Workiva allows external authentication, however authorization is administered within Workiva.

There are three basic options for SSO authentication:

  • Enable SAML Single Sign-On: Users can sign in with SSO or continue to use their username and password.

  • Require SAML Single Sign-On for Users: Non-Admin users are required to use SSO, while Org Security Admins may continue to sign in using their username and password.

  • Require SAML Single Sign-On for Org Security Admins: This requires single sign-on for Organization Security Admins.

If needed, you can designate specific users to allow them to sign in without using SSO. This is helpful when people in different departments, consultants, or those outside your company need access to Workiva. To learn more, see Add and manage SAML single sign-on bypass users.

 

Access SSO settings

To access and manage SAML single sign-on settings:

  1. In the top right, click the user icon and select Organization Admin from the Admin dropdown.
  2. Click Security and choose the Single Sign-On tab.
    saml single sign on.png

You can assign someone as an Org Security Admin from your Identity Access Management (IAM) or Information Technology (IT) teams. Then, they can then help set up SSO and ensure settings meet any company requirements.

Setting someone as an Org Security Admin only provides access to the security settings for authentication and SSO. It does not allow access to documents or data in Workiva.

To learn how to assign an organization role, see Update an organization role.

 

Gather SSO requirements

To gather requirements for your configuration and to test your setup, you can enable SAML in your organization before you require users to use it to sign in. By only enabling SAML, this allows you to gather what you need and does not impact users signing in.

If you need assistance setting up SSO, refer to these steps or you can contact Workiva Support

 

What's next?

 

Was this article helpful?
6 out of 9 found this helpful
Org Security Admins can enable single sign-on (SSO) to add an extra layer of security to an organization and workspac...