For organisations that require Single Sign-On (SSO), evaluagent can be configured to work with your SAML2 compatible identity provider, such as:

Once your SAML provider has been configured, you will have full control over which users must authenticate using SSO and which may continue to use a password-based login.

Navigation prompt

Go to SETTINGS > click Security settings > Click the Single sign on tab

By following the navigation prompt, you will see the following screen:

From here, you can choose a Default Authentication Method. The options are:

You will see an option to "Add SSO SAML2 Provider" - Click this button and enter a descriptive name for your Identity Provider (e.g., OneLogin, Azure AD, OKTA). Once you have done that, press the "Create Provider" option, and it will now appear in the table.

To set up SSO in your Identity Provider (IDP), you will need to access the Configuration Settings in evaluagent. Click the View button alongside your newly created Identity Provider. This will show the SAML provider configuration settings that you need to enter into your IDP to allow evaluagent to authenticate users against your directory.

You will also need to configure your SAML provider to send an attribute named 'email' that is used to identify each user.

​Please Note: When setting up the email Attribute/Claim on EntraID/Azure AD, the namespace field should be left empty.

This form must be populated with the settings provided by your Identity Provider. Once this is done, you can press 'Update provider' and your SSO provider should be ready to use.

Before switching all users in your organisation to your newly configured SSO provider, we recommend testing that all of the necessary configurations have been carried out correctly by assigning the SSO authentication method to a single user.

Note that only SSO providers that have been fully configured will appear in this list. If you do not see your new provider, please go back and check that all settings have been entered correctly.

This user should now be able to sign in to evaluagent using your SSO sign-in flow.

It is recommended to do this if you would like most of your users to log in with SSO. The authentication method for individual users can be configured on the Users page as described earlier in the Testing Single Sign-On instructions section.