๐ This article provides the steps to request a Single Sign-On configuration with Botify, available with a Botify Enterprise plan.
Overview
Single Sign-On (SSO) is an authentication technology that improves security and simplifies sysadmin operations. Botify SSO provides Sign-in and Sign-up authentication and is included in all Botify Enterprise plans.
Requesting an SSO Configuration
To configure SSO, please provide your account manager with the following information:
The name of your identity provider.
The organization name (group/company name).
The domain name(s) that will be authorized to connect via SSO.
(Optional) The login cookie duration (the Botify default is 8 hours).
Botify Support will provide you with a Setup link to configure SSO. When you have the link, simply select your provider and indicate your connection URLs. A connection test is available at the end of the procedure to confirm that everything is correctly configured.
Requirements by Identity Provider
The following are additional requirements for these identity providers. If you use one of these identity providers, please refer to their additional requirements when setting up SSO.
OKTA
Identity Provider Issuer (Entity ID)
Identity Provider SSO URL
X.509 Certificate
Microsoft Active Directory Federation Services (ADFS)
Identity Provider SSO URL
Relying Party Trust ID
Relying Party Trust Certificate
X.509 Certificate
Azure AD
Identity Provider SSO URL
X.509 Certificate
OneLogin AD
Identity Provider Issuer URL (Entity ID)
Identity Provider SAML 2.0 Endpoint
X.509 Certificate
Activating SSO
Once completed, Botify Support will activate SSO on your account. To avoid user disruption, your SEO Success Manager will coordinate a specific time to push the SSO configuration live. Please allow us up to five business days to complete this process. If you have concerns or questions about these steps, please contact Support using the appropriate regional address below.
FAQs
Is SSO enforced at the account level?
Is SSO enforced at the account level?
Yes. Once SSO is enforced, all users on the account must log in with their identity provider. Logging in with a classic email and password will no longer work.
Can we revert to the classic authentication (Botify username and password)?
Can we revert to the classic authentication (Botify username and password)?
Yes. Usernames (emails) and existing account passwords are only deactivated, not deleted.
Can external or guest accounts still access our projects?
Can external or guest accounts still access our projects?
No. You must create new credentials for these users because they must be in the company directory.
Is it possible to choose an alternative company name for increased security?
Is it possible to choose an alternative company name for increased security?
Yes. A secret company name can be set up or updated by Support.
How does Botify manage SAML requests? Is Botify compliant with security standards?
How does Botify manage SAML requests? Is Botify compliant with security standards?
Yes, Botify is compliant with security standards. We partner with a company specializing in SAML management to provide SSO features.
Contact Support
If you need any assistance, please contact Support.