evaluagent

The following feature flags and permissions are required to use this feature:

Manage security settings (<code>admin.security.settings</code>) — to add and configure SSO identity providers

- Manage security settings (<code>admin.security.settings</code>) — to add and configure SSO identity providers

For organisations that require Single Sign-On (SSO), evaluagent can be configured to work with your SAML2 compatible identity provider, such as:

<a href="Single-Sign-on-SSO-JumpCloud.md" rel="nofollow noopener noreferrer" target="_blank">JumpCloud</a>

- EntraID (formerly Azure AD)
- <a href="Single-Sign-on-SSO-OKTA.md" rel="nofollow noopener noreferrer" target="_blank">OKTA</a>
- OneLogin
- Auth0
- Google Workspace
- <a href="Single-Sign-on-SSO-JumpCloud.md" rel="nofollow noopener noreferrer" target="_blank">JumpCloud</a>

Once your SAML provider has been configured, you will have full control over which users must authenticate using SSO and which may continue to use a password-based login.

Go to Settings &gt; Security settings &gt; click the Single sign on tab.

From here, you can choose a _Default Authentication Method_. The options are:

Password Logon - allows users to log on with a password and does not enforce SSO.

SSO Providers - Any SSO Identity Providers you add will appear in this list. You can choose one of these to act as the default.

- Password Logon - allows users to log on with a password and does not enforce SSO.
- SSO Providers - Any SSO Identity Providers you add will appear in this list. You can choose one of these to act as the default.

You will see an option to "Add SSO SAML2 Provider" - Click this button and enter a descriptive name for your Identity Provider (e.g., OneLogin, Azure AD, OKTA). Once you have done that, press the "Create Provider" option, and it will now appear in the table.

To set up SSO in your Identity Provider (IDP), you will need to access the Configuration Settings in evaluagent. Click the View button alongside your newly created Identity Provider. This will show the SAML provider configuration settings that you need to enter into your IDP to allow evaluagent to authenticate users against your directory.

You will also need to configure your SAML provider to send an attribute named 'email' that is used to identify each user.

Please Note: When setting up the <code>email</code> Attribute/Claim on EntraID/Azure AD, the namespace field should be left empty.

This form must be populated with the settings provided by your Identity Provider. Once this is done, you can press 'Update provider' and your SSO provider should be ready to use.

Before switching all users in your organisation to your newly configured SSO provider, we recommend testing that all of the necessary configurations have been carried out correctly by assigning the SSO authentication method to a single user.

Note that only SSO providers that have been fully configured will appear in this list. If you do not see your new provider, please go back and check that all settings have been entered correctly.

This user should now be able to sign in to evaluagent using your SSO sign-in flow.

Use SSO as the default method of authentication

It is recommended to do this if you would like most of your users to log in with SSO. The authentication method for individual users can be configured on the Users page, as described earlier in the Testing Single Sign-On section.

Single Sign On SSO Azure Entra ID

Feature Requests

Arrange a demo

Main Website

Find answers and get help from Intercom Support and Community Experts

Conversations you've started through the messenger will appear here.

No conversations created by you

Try using different keywords or checking for typos.

No conversations found

Title

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Empty Help Center

Uh oh. That page doesn’t exist.

Home

Search results

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Feature Flag	Technical Name	Description
Single Sign-On	`feature_sso`	Enables SAML2-based SSO and the Single Sign-On tab in Security settings

Single Sign On SSO Azure Entra ID

Single sign-on (SSO) - Azure/Entra ID

Required Feature Flags

Introduction

Getting There

Create a new Identity Provider

Configuration Settings

Attributes / Claims

Testing Single Sign-On

Use SSO as the default method of authentication