With Perdoo, your organization can use Google or SAML SSO (Single Sign-On) to access your account using only email addresses. If you're using an SSO provider like Okta, Onelogin, or Microsoft Azure Active Directory, you can benefit from Perdoo's support for SAML.
You can also use SSO with the Perdoo app for iOS or Android.
In this article:
💡 Pro tip: You can add 2FA (two-factor or multi-factor authentication) through our Single Sign-On (SSO) integration. Most SSO providers (Microsoft Azure, SAML, Google, etc.) allow you to enforce 2FA. Once this is enforced, 2FA will also be a requirement to log in to Perdoo.
Set up SSO
Go to Configure
Click on Integrations tab
Check the Enabled checkbox
Enter Company Domain(s)
Select if you'd like User provisioning or Strict authentication
Select your Provider
Check (to enable SSO) or uncheck (to disable SSO) the checkbox.
Enter your company domain here. For multiple, separate your domains with a comma:
These settings control what happens if a user logs in via SSO that hasn't been created in Perdoo yet.
When enabled, it'll create a new standard user with the same email address. When disabled, the user will not be able to log in.
The fields that will populate automatically are
For added security, enforce SSO-only logins, by checking the checkbox. This prevents any user from logging in via email password, or performing a password reset.
Choose Google or a SAML (ADFS, OneLogin, Bitium, Okta, etc.) connection.
The following SAML attributes are supported:
Please note: The "role" field is currently not supported as a mapped field. All users auto-provisioned users will be created as standard users.
IdP Entity ID (aka. Metadata URL)
SSO URL (aka. SAML Sign In URL)
X509 Signing Certificate (in PEM or CER format)
Copy the following to your identity provider:
Need a hand? Contact our friendly Support team via the in-app chat at the bottom-right of your screen, or email firstname.lastname@example.org.