Managing Single Sign-On for Organization
Each Organization can have a custom url (https://plaidcloud.com/sso/<custom_name_here>) for members to access the single sign-on page you specified in the configuration.
To create a custom URL:
- Select the “Organization Settings” menu from the top right of screen
- Click “Single Sign-On Security Credentials”
- Adjust the Single Sign-On URL as desired
- Click “Update Organization SSO Settings”
Allow Creation of Users Automatically
If Single Sign-On is enabled, you can choose to automatically create members based on successful Single Sign-On authentication. New members will receive the default workspace and security roles specified in the Organization settings. To automatically create members:
- Select the “Organization Settings” menu from the top right of screen
- Click “Organization and User Settings”
- Check the “Create Users Automatically from Single Sign-On” box
- Choose the desired default workspace
Use of this feature greatly simplifies member management because new members will automatically have access without any additional setup in PlaidCloud. Similarly, if members are removed from the Single Sign-On facility, they will no longer have access to PlaidCloud.
Allow Security Group Assignments from Single Sign-On
If Single Sign-On is enabled, you can choose to pass a group association list along with the positive authentication message. The list’s items will be used to assign a member to the specified groups and remove them from any not specified. This is an effective way to manage security group assignments by using a central user management service such as Active Directory or other LDAP service.
If this option is enabled, security roles will be assigned using the supplied list the next time a member signs in. If the option is disabled, existing members will retain their current security roles until manually updated within PlaidCloud.