Adding Single Sign-On (SSO) to Your Criteria Account
Criteria provides your users with the ability to sign in via Single Sign-On (SSO). We are able to integrate with any SAML 2.0-compliant IdP.
With SSO enabled, your users will be able to sign into your organization’s Criteria account through the identity provider (IdP) of your choice.
Please note that Single Sign-On is only available for customers using the Criteria Enterprise Platform. To confirm you are on the right platform or to discuss upgrading, please contact your Customer Success Manager.
Enabling the SSO Integration
This process will require admin access to your chosen IdP. If you do not have IdP admin access these instructions can be sent to your technical team who does (e.g. IT, Cyber Security, Network admin, etc.).
Setting up your SSO with Criteria involves just four steps:
- Configure your IdP.
- Send the Metadata file to Criteria.
- Criteria soft-enables the integration.
- SSO integration is hard-enabled.
1. Configure your IdP
You or your IdP Admin will configure your IdP as per the instructions listed below. We offer set up guides for the following IdPs:
2. Send the Metadata file to Criteria
Once you or your IdP admin has configured your IdP, you will need to email your Metadata file to our Support Team.
3. Criteria soft-enables the integration
Initially, we will soft-enable SSO for your Criteria account. We will provide you with a custom login URL, which will include a "login with <SSO Provider>" button. This will enable you to get your SSO provider to authenticate.
When soft-enabled your users will be able to test that the SSO is working, but still maintain access using their Criteria account login credential (email and password).
If you have any queries regarding this step in the process, or would like some assistance with troubleshooting any problems, please reach out to our Support team for assistance.
4. SSO integration is hard-enabled
Once you're satisfied that the SSO is functioning correctly, please advise our team. We will then hard-enable the SSO. At this point, your users will only be able to log in via SSO with admin users maintaining both Criteria account login and SSO access.