Single sign on (SSO)

What is Single sign on (SSO)?

SSO is a single sign on system that allows users to log in to multiple applications using one set of credentials. The user is authenticated with a single sign-on and is considered trusted by the other applications and does not need to enter additional passwords.

The SSO login method can also be used for logging into the FaceUp administration. If you enable SSO in your company, members will log in to the FaceUp administration using their company email without having to create and enter a password.

How to set up SSO?

1. First, you generate three pieces of information through Azure Active Directory (AAD):

  • Provider URL
  • Client ID
  • Client Secret

Tip: If needed, you can contact us and we can provide you with instructions on how to obtain and fill in the necessary information from AAD.

2. In the FaceUp administration, go to Settings, where you will find the Single Sign-On section on the Organisation Settings tab. Enter the data you have obtained here and confirm with the Save button. SSO can only be used in combination with standard encryption (E2EE encryption cannot be enabled with SSO). Because users do not use a password to log in, it is not possible to set up two-factor authentication at the same time as SSO (except for the member who has enabled SSO).

3. SSO can be turned on and off by a member with access to the main organisational unit and settings. The member who turns SSO on is the only one who continues to log in with an email and password. It is therefore recommended that the main member chooses a really secure password and also secures their account using two-factor authentication, which can be enabled in the FaceUp administration under Settings → My Account → Security → Two-factor authentication.