Single Sign-On (SSO) with SAML allows your team members to sign in to Routable using your existing identity provider (IdP)/SSO solution.
Members will be able to seamlessly access Routable when they’re logged in to your organization’s identity provider system.
Your identity provider will authenticate and authorize your Routable users, who no longer need to remember Routable-specific usernames and passwords.
When using SSO with SAML, you can use single sign-on with any third-party IdP:
- Microsoft Azure / Active Directory
- Okta / Auth0
- OneLogin
- Ping
- G Suite
- Don’t see your IdP? As long as they are using SAML 2.0, you can set up SSO with Routable.
Once Single Sign-On is enabled, you’ll benefit from:
- Easier login for employees
- Knowing only employees with valid credentials have access to Routable
- Multi-Factor Authentication (MFA)
- Enhanced Security
- Improved Integrations
- Ability to manage all Routable member roles in Routable
Require SSO with SAML vs. Optional SSO with SAML
With “SSO with SAML”, use your IdP to authenticate Routable team members, and configure it to either require SSO login or make it optional for members of your team.
Setting up SSO with SAML
Please contact your Routable customer success representative to configure SSO with SAML.
Two-factor authentication and SSO with SAML
Routable supports two-factor authentication set up in your IdP, which requires members to enter a code from an authenticator app when logging in:
- For members who have enabled two-factor authentication, Routable asks for the code entry after the identity provider login process is complete
- Routable utilizes two-factor authentication (2FA), which may or may not be enabled for your Google Workspace account
Configuring access to multiple Routable workspaces
When there is a single identity provider, Routable supports switching between workspaces without needing to authorize separately.
To set up SSO with SAML for multiple workspaces, each workspace must use the same configuration on the identity provider. Users will have access to the workspaces they have been provisioned for in Routable.
FAQ’s
If SSO with SAML is enabled, how often will members have to login?
Routable’s SSO with SAML feature includes an extra layer of security allowing members to stay logged in securely for long periods of time as long as they are using Routable frequently. Every day, Routable validates member access and activity which securely provides access for 30 days.
After 30 days of inactivity, members will be logged out of Routable.
Does restricting employee access to email, archiving, or deleting emails in our IdP remove the membership in Routable?
No. If a member's account has been disabled, they will no longer be able to access your Routable workspace, but they will continue to be considered a Routable member until disabled in Team Management. Depending on their role, this could impact pricing.
✋ If SSO with SAML is optional, users could still access Routable via username and password, until disabled in Team Management.
Does Routable offer 2FA / MFA?
Routable offers two-factor authentication set up in the Identity Provider and enabled through single sign-on (Google Apps SSO or SSO with SAML.)
Is there any way to bypass SSO with SAML once turned on?
Yes! There are two ways to bypass SSO with SAML once turned on:
1️⃣ Log in to Routable as an Administrator or IT Administrator using your username and password
2️⃣ An Administrator or IT Administrator can configure SSO with SAML to be Optional, which allows members to log in with a username and password.
I work for an accounting firm and access the workspaces of our clients, can our client use SSO with SAML?
Yes. However, if you log into their workspace using username and password, ensure SSO with SAML is configured as Optional.
Our company has third-parties who access our workspace, can we use SSO with SAML?
Yes. However, if you log into their workspace using username and password, ensure SSO with SAML is configured as Optional.
Does SSO with SAML support user provisioning?
Not at this time, but this is something we hope to offer soon.
Comments
0 comments
Article is closed for comments.