Administrators and Super Administrators
Workplace Online > Configuration > Single Sign-On
We're pleased to introduce Single Sign-On (SSO). The Workplace"Workplace" describes the Autotask Workplace service in its entirety. Single Sign-On feature allows for an additional method of authentication when accessing Workplace OnlineWorkplace Online is the web portal that users within a team can use to access their data and administer their team..
Once authenticated by the IdP (Identity Provider), the SAML 2.0 protocol is used to authenticate access to Workplace Online. A user simply needs to login once to the IdP, and can thereafter access multiple applications without needing further authentication.
- The SSO integration enables an additional authentication method.
- Users can still login with their normal Workplace credentials or Active Directory credentials (if AD Integration is enabled).
- If Linked Teams are in use, the SSO integration will only function with the primary account.
- This integration only applies to Workplace Online. The is no integration with Workplace DesktopAlso known as the Workplace Desktop app, and in the context of this documentation, simply "the app," Workplace Desktop is the software installed on a computer that is responsible for synchronizing data between the local drive and the cloud. or Workplace MobileWorkplace Mobile is the Workplace application designed specifically for the various mobile platforms, providing access to Autotask Workplace..
To enable the Single Sign-On feature, the following requirements must be met:
- You must be an administrator or super administrator in Workplace
- You must have an administrator account in the IdP.
- The users that will utilize this feature must have accounts within Workplace and the IdP, and their email addresses for both must match.
If your IdP is not listed, use the information displayed on the Workplace Online Single Sign-On tab to create a metadata XML file or URL from within your IdP.
Implementing this integration requires setup from within both Workplace and the IdP.
For the specific IdPs listed below, initial steps are taken within the IdP. Workplace has created “applications” within those IdPs to make the process as easy as possible, but please note that you can use other IdPs as well.
Implementation instructions: Single Sign-On Integration for Okta
- Other IdPs
While we can't provide specific instructions for how to integrate with all IdPs, as processes will vary, we can offer the following guidance:
When configuring the IdP, a subdomain will need to be specified. To confirm the correct subdomain, login to Workplace Online. Once logged in, make note to the subdomain in the URL.
The subdomain is the part between the “https://“ and “.workplace.datto.com/“ and should be us, eu, ca, or au.
- Log in to Workplace Online using the administrator credentials for your team.
- Go to ConfigurationConfiguration is the area within Autotask Workplace Online that allows you to customize your site, add your integrations, and configure the site-wide policies that dictate how Autotask Workplace will behave for your team. > Single Sign-On:
Using the XML file or URL from the IdP, the final step is to activate the feature within Workplace Online.
Toggle the Enable SSO / Disable SSO button on the Single Sign-On configuration page.
Once enabled, the SSO tab will display an event log of SSO related activities on your team. These events will also be shown on the Reports tab.
In order to improve security and guard against unauthorized account access attempts, we've updated our interface and workflow for password retrieval. When you click the Forgot Password link on your login page, the following prompt will display:
Just enter your email address, optionally select the Send text message check box, and click Reset Password. This will send a password verification email to your email account as well as a notification email to the primary contact on your account.
For more information on logging in, resetting your password, or setting up two-factor authentication, please refer to Log In.
Once the integration is enabled, user will additionally be able to access Workplace Online in the following ways:
- Via the application within the IdP interface.
The specific steps will be dependent on your IdP.
- Navigating to the Workplace Online login page, once already authenticated with the IdP. Refer to Log In.
The URL with the correct subdomain must be used for this to function.
- Via the SSO login page.
The https://XX.workplace.datto.com/loginsso URL (where XX is the appropriate subdomain) can be used to access Workplace Online. This login page will request only your username. After entering your username, the IdP will request your SSO credentials and grant access to Workplace Online.
- Via standard login page.
If SSO is enabled for your team, you will see an option to log in via SSO on your Workplace login screen after you've entered your username.
|Forward this topic to others|