SSO is a single sign-on system that allows users to log in to multiple applications using one set of credentials. The user is authenticated with a single sign-on and is considered trusted by the other applications and does not need to enter additional passwords.
The SSO login method can also be used for logging into the FaceUp administration. If you enable SSO in your company, members will log in to the FaceUp administration using their company email without having to create and enter a password.
We support the OpenID protocol. You can connect FaceUp to Azure Active Directory, Okta and other platforms.
1. First, you generate three pieces of information through Azure Active Directory (AAD) or other tool:
Tip: Check out the detailed instructions for getting and filling out the required AAD data.
2. In the FaceUp administration, go to Settings, where you will find the Single Sign-On section on the Organisation Settings tab. Enter the data you have obtained here and confirm with the Save button. SSO can only be used in combination with standard encryption (E2EE encryption cannot be enabled with SSO). Because users do not use a password to log in, it is not possible to set up two-factor authentication at the same time as SSO (except for the member who has enabled SSO).
3. SSO can be turned on and off by a member with access to the main organisational unit and settings. The member who turns SSO on is the only one who continues to log in with an email and password. It is therefore recommended that the main member chooses a really secure password and also secures their account using two-factor authentication, which can be enabled in the FaceUp administration under Settings → My Account → Security → Two-factor authentication.