Enabling Single Sign-on in FigPii

NOTE: This add-on is available upon request to our Enterprise users with a subscription the Large plans.

Single Sign-on (SSO) is an authentication process that allows users to access multiple applications with one set of sign-in credentials. SSO is a common procedure in enterprises, making it easier for them to manage a centralized list of their users. This practice makes it easy for them to restrict users' access to all connected applications by disabling their accounts once in the central database.

Enabling single sign-on (SSO) provides an extra layer of security to your FigPii account. You can set up SSO using any identity provider (IdP) that supports the creation of custom SAML applications or through our official single sign-on (SSO) connections to Microsoft Entra (Azure AD) and Google Workspace.

This add-on is available upon request to our Enterprise users with a subscription the Large plans. Customers who have an Enterprise plan and use authentication providers such as Google, Azure cloud, OneLogin, Okta, and Auth0 (or any other SAML 2.0-based identity provider) can authenticate their employees' access to FigPii using SSO.

Advantages of Using SSO

  • Eliminates credential reauthentication and helpdesk requests, thus improving productivity.
  • Streamlines local and remote applications and desktop workflow.
  • Minimizes phishing.

Enabling SSO in your FigPii Account

Once you have created a FigPii account, you can enable SSO by contacting your dedicated account manager or support@figpii.com. This is a one-time task. 

Prerequisite

To raise a request to enable SSO support for your account, you must have access levels as Account Owner or Account Manager (Domain Managers are not allowed to manage SSO settings, please contact your dedicated account manager or support@figpii.com if you have any questions).

Procedure

  • Sign in to your FigPii account.
  • Use the Help button in the lower corner to contact FigPii support and ask for SSO to be enabled for your account. (This add-on is available upon request to our Enterprise users with a subscription the Large plans). 
    • Please make sure to share your IdP name, our team will share the instructions to connect your IdP to FigPii.
  • After you've been contacted by our support team letting you know the SSO add-on has been enabled for your account you can proceed to the next step.
  • Click the gear icon ⚙ on the top right, and go to Domain Settings.

  • Scroll down to the Single Sign-On section and click on Enable Single Sign-On for this domain.

Single Sign-on FAQs

1. How should I configure SSO?
Follow the steps specified on this page under Procedure.
2. What would happen to the current session when a single sign-on is enabled/disabled for an account? Will the users be signed out of their accounts? 
Users authenticated through SSO will be signed out automatically within 24 hours. Please note the sign out is not immediate and can take up to 24 hours.
3. If an admin/owner enables SSO, will users still be allowed to sign in by using an email password?
Yes and No! You can specify if SSO should be enforced for all users under your domain settings.

4. If SSO is disabled, how will the users access the account? Can they start using their old email address and password?
Yes, users can use their existing email addresses and password to access their accounts. The users who haven’t set their password even once can use Forgot Password link to set their password; after this, they can use the email address and the new password to sign in to their account.
5. Will the users be allowed to change the password after SSO is enabled?
If Single Sign-On is not enforced for all users of your account, users can still change their password or login using their password. 
6. What would I do if my identity provider goes down?
If Single Sign-On is not enforced for all users of your account you can login using your username and password, otherwise raise a support ticket with FigPii, and FigPii will disable SSO for you. All users in your account can generate a password by using the link in the email sent to them or clicking the Forgot Password link and use it to sign in to FigPii.
7. Can I enable SSO only for a few users in my account?
Yes, you can choose to enforce Single Sign-On for all users or have it as a secondary option.

8. My company has enabled SSO, but I cannot sign in using SSO from my email id?
Even with SSO enabled you still need to be invited to FigPii by an admin. Contact your domain admin or FigPii support at support@figpii.com. 
9. My company uses a custom Single sign-on solution. Is FigPii compatible with that?
FigPii is compatible with any SAML 2.0-based authentication solution. Just reach out to FigPii support at support@figpii.com, and we will help you configure it.
10. What are the entry and logout URLs for FigPii?

Contact FigPii support at support@figpii.com for SSO configuration details.

Still need help? Contact Us Contact Us