Skip to main content
All CollectionsPlatformSingle Sign-On (SSO)
SSO - Fast and Convenient Login for Employees
SSO - Fast and Convenient Login for Employees

Simplify the access to Frontify for all your employees by using SSO (Single Sign-On).

Updated over a week ago

SSO is a fast and convenient way to log in for all of your colleagues. With Single Sign-On, you can give automatic viewing access to all (or parts of) your company's employees. You don't need to manage their access to Frontify, nor do users have to create a profile with a new password to remember. When activated, the login page shows an additional login button above the standard login form.

Availability

SSO is available for Enterprise plans. Ensure that your system supports the SAML 2.0 standard or OpenID Connect (OIDC). Please get in touch with us for other SSO connectors., but note that we only support SP-initiated SSO.


SAML Configuration

You need the following information to configure SSO for your account:

  • Entity ID

  • SSO Service URL

  • Certificate (x509)

Once providing this information, you will receive metadata for the service provider configuration on your side, including Identifier, SSO URL / ACS, and Default Relay State.

The following fields must be part of the SSO request response:

  • Name ID Format: EmailAddress

  • Application Username: Email

including the following attributes:

  • User.email

  • User.FirstName

  • User.LastName

  • User.Groups (optional)


OpenID Connect Configuration

You need the following information to configure OpenID Connect SSO for your account.

  • Authorization URL

  • Access Token URL

  • Client ID

  • Client Secret

  • Scopes*

  • Public Key Source (URL or JSON)

* Mandatory Scopes: openid profile email

* Optional Scope: roleNames (for SSO group mapping)


Finally, you can decide which Style Guides/Projects SSO users should get viewing access to and which page users are pointed to upon login. You can redirect into your primary Style Guide or the dashboard (default).


Appendix:

Did this answer your question?