Cordial's single sign-on (SSO) feature allows you to utilize a third party identity provider to manage authentication and authorization to the Cordial platform. You can give users seamless access to Cordial through a single set of credentials you already manage—and without the need to create a separate Cordial account. This creates a frictionless user experience while also improving security and user management.
Enable single sign-on
Cordial has implemented the SAML protocol to support single sign-on. You can enable single sign-on access to Cordial as long as your identity provider (such as Okta or Ping) adheres to SAML protocol.
Follow these steps to enable single sign-on access to Cordial:
1. Provide Cordial with a list of allowed SSO domains (@example.com).
2. Identify users that should have access to Cordial via SSO and ensure they have proper access to accounts by assigning and passing Cordial account keys as user attributes. Once access is granted, users with email addresses under the allowed domains will automatically be authenticated via SSO.
3. Contact your Client Success Manager so Cordial can configure the required database schema to support your identity provider.
If Cordial accounts for users already exist, those users will get upgraded to receive SSO access.
4. Cordial collaborates with your team to test the integration and ensure that access is properly configured.