Overview eSpatial can integrate with SAML 2.0. compliant Identity Providers
Overview
eSpatial supports Single Sign-On (SSO) for our enterprise customers. SSO simplifies the process for IT staff to centrally manage users in their organisation. The IT managers can grant and revoke access to 3rd party applications such as eSpatial.
eSpatial's SSO solution integrates with SAML 2.0. compliant identity providers.
Steps to enable SSO in eSpatial
SSO is available to enterprise users. SSO should be enabled when you are setting up your eSpatial account. If you have already setup your account and added a number of users, you should not enable the SSO option.
Go to "Manage Groups & Users" which is available under the drop down.
Once in Manage Groups & Users, click on the SSO Configuration link
You will then be presented with a screen to configure the SSO integration between eSpatial and your Identity Provider. The steps for each Identity Provider will be slightly different so contact your Customer Success Manager and we will help you through the setup.
SSO Considerations
- Your corporate identity provider must be SAML 2.0. compliant (e.g. Okta, Microsoft Azure).
- If considering using SSO with eSpatial, you should set this up when you start using eSpatial. Do not create users on your account until SSO is successfully configured.
- You should engage with your Customer Success Manager and advise them that you are planning on using eSpatial and SSO so that we can best advise you on an implementation plan specific to your organization and for your Identity Provider.
- Once you have enabled SSO, a default SSO group is created for any new SSO users. By default, this group has limited privileges. When you have setup your SSO configuration you can modify this default group.
- When you remove a users access to eSpatial from your identity provider, they will still exist in eSpatial. They will no longer be able to login (because you've removed this privilege). You will need to also manually remove them from eSpatial.