How can we help?

Search

Setup Your Torii Account to Use SSO (Single-Sign-On) For Login

Noga Tubi
Noga Tubi
  • Updated
Make it easier and more secure for your users to log in to Torii

Setup your account to use Single-Sign-On in order to allow signups and logins to Torii has never been easier.

First, make sure you are  Admin in your Torii account. You can check this on the Settings -> Team page. Only admins can configure SSO for their accounts.

SSO Configuration

Please follow these steps to set it up:

  1. Identify which Identity Provider (Okta, OneLogin, Google, Microsoft Azure AD, etc...) your organization is using and follow the appropriate instructions in order to get your SSO metadata XML configuration file:

    1. Setup your account to use Azure Active Directory SSO

    2. Setup your account to use Google SSO

    3. Setup your account to use JumpCloud SSO

    4. Setup your account to use Okta SSO

    5. Setup your account to use OneLogin SSO

    6. Torii supports any other Identity Provider that supports SAML

  2. Go to Settings -> Security page

     

     

  3. Click the Configure SSO button

     

     

  4. Drag & Drop or browse to select the metadata.xml configuration file you have obtained from your Identity Provider

  5. Torii will process the configuration file and will present the following confirmation which indicates your SSO configuration is in place

     

     

  6. Click Done to close the dialog box

  7. SSO is now configured for your account but is not yet enforced

 

Testing your SSO configuration

Now that SSO has been configured, validate it is working:

  • Log out of Torii

  • Log in to Torii again and you will now be redirected to your Identity Provider to login using SSO

In case the login was not successful, you can use the "or click here to login using a password" link that appears after entering your email address:

Enforce users to sign in using SSO

After you validated that your SSO configuration is in place and working as expected, you can go ahead and enforce all your users to login only via SSO - this is easier for them and better for the organization's security.

 

Go to the Settings -> Security page and change the state of the 'Enforce users to sign in using SSO' switch to On

 

 

Remove SSO

If you would like to revert back to using email and passwords for Torii login, click the Remove SSO button and confirm the removal in the confirmation dialog that will pop up.

 

You can then re-configure your account to use SSO by following the instructions at the top of this guide.

Q&A

Q: What is the expected behavior when SSO is enforced and Torii times out due to inactivity? 

A: After an idle timeout, the user is sent to the Torii login page.
You can always log back into Torii from your SSO portal with one click. 

 

Need help?

Our support team is always available at support@toriihq.com to help.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request