Single sign-on (SSO) is an authentication method that allows employees and managers to access multiple applications with a single set of login credentials, handled through a single system. Integrating your SSO platform with Ento ensures an easier setup process and a consistent log in experience.
SSO can be added separately for your employees, managers or can be enabled for both.
What it means for your managers
Managers will still create employees in Ento via Core HR > People > Employees, but will no longer need to set/reset passwords.
These passwords, and indeed access to Ento itself will be controlled by your SSO provider.
Employee records in Ento should simply match your SSO’s username, whether that’s the employee email address or employee ID.
Once employees are removed from the SSO provider, they will be immediately unable to log into Ento, though their existing sessions will be closed within a maximum of 8 hours. They can then also be removed from Ento manually to immediately terminate that session.
What it means for your employees
With SSO, employees can continue to use normal Ento login pages both on web & mobile apps.
When entering their username and hitting ‘Next’, Ento will then direct them to the SSO provider’s page to log in or reset their password. Upon a successful login, they will be redirected into their Ento account.
Supported Identity Providers
|
Employee |
Manager |
ADFS |
✓ |
✓ |
Okta |
✓ |
✓ |
Azure |
✓ |
✓ |
Other SAML based IdP |
Get in contact |
Get in contact |
Technical Details and Setup
If you’re interested in setting up SSO for your account, please get in touch with your account manager or contact support and provide us with the following details:
-
Authentication provider (IdP) metadata in XML format
-
What you plan to use as the username for Ento, and what the username is in your IdP. The default for both is the employee's email address.
We’ll then assist with next steps for setup.