SSO Settings

Overview

Single Sign On (SSO) Settings control how users authenticate into Manage1to1. When an SSO provider is enabled, users can authenticate using the configured identity provider instead of local credentials.

SSO configuration impacts login behavior for all users and should be planned carefully before enabling enforcement options.

---

Force Single Sign On

When Force Single Sign On is enabled, users are required to authenticate using an SSO provider and cannot log in using a username and password.

This setting is commonly used by districts that require centralized identity management and do not allow local credentials.

Before enabling this option, ensure that:

• At least one SSO provider is fully configured and tested
• Administrative access is confirmed through the SSO provider
• A recovery plan exists in case of misconfiguration

---

SSO Providers

The SSO Providers section lists available authentication providers and their configuration status.

Each provider must be enabled and properly configured before it can be used for authentication.

Google SSO

Google SSO allows users to authenticate using Google Workspace credentials.

Configuring Google SSO requires creating an application within Google and supplying the required client credentials to Manage1to1. Once enabled, users can authenticate using their Google accounts.

---

Considerations

• Enabling SSO does not automatically enforce SSO authentication unless Force Single Sign On is enabled
• Changes to SSO configuration affect all users
• Improper configuration can prevent users from accessing the system

Districts are encouraged to test SSO configuration with a limited set of users before forcing SSO authentication.