Single Sing-On (SSO)
Single Sign-On (SSO) allows to manage your organisation's users across multiple applications that you use. Your users can then access multiple applications with a single set of corporate credentials.
Supported Identity Providers
You can set up Ybug's Single Sign-On (SSO) with any SAML-enabled Identity Provider (for example Okta, Microsoft Azure AD, OneLogin, ...).
Please find your Identity Provider on the following list:
If you haven't found your Identity Provider, you can still set up SAML Single Sign-On. Please contact us.
Sign in using SSO
Ybug supports sign in initiated from both the Identity Provider or Service provider (Ybug). Users who have already signed in to Ybug using SSO can go to our normal Login page and select Log in with Single Sign-On.
User provisioning
To properly identify and provision the SSO users, the SAML Identity Provider must be set up to provide three attributes: Email, FirstName, and LastName. As all Ybug users need to have a valid email address (regardless of whether they use SSO or login / password for authentication), make sure that your Identity Provider can pass an email address value using the NameId attribute.
When enabling SSO in your Ybug account, all your team members (except account owners) will be enforced to use the Single Sign-On as their authentication method. Only the account owners can always use both methods (SAML SSO and username / password) to authenticate into Ybug. This is important when there is a mistake in the SSO configuration or something changes in the Identity Provider. The account owner can then log in with credentials and fix the problem.
