With "Require", you will commit your entire company to the authentication method you select, and disallow users from signing on with ClickTime email/password credentials. By default, a new company will always default to the "Allow" setting for Single Sign-On. Usually this setting can be helpful for previewing an authentication configuration before you commit to requiring it. For example, if I select "Allow" for "sign-in using Single Sign-On", then I will grant the user the ability to log in with either their email/password or the selected Single Sign-On provider (Azure AD, Google Apps, Okta, OneLogin, or Custom SAML 2.0) account. If you'd like to discuss upgrading your account so you can use another SSO solution, please reach out to our Support Team.īy selecting "Allow", your company can sign into ClickTime with both their ClickTime email/password combination, as well as your company's selected Single Sign-On method. Please note: Unless you have an Enterprise account, you will only see the option for "Google". This section covers the configuration from the ClickTime side.ĬlickTime Administrators can opt to allow or require Single Sign-On settings for their entire company on the Company -> Preferences page in the Security section:
If you’d like to learn more about SAML, please visit our partners, Okta or OneLogin, for more information.Ĭomplete configuration requires ClickTime-side configuration and Identity Provider -side configuration. You may configure your Identity Provider for SP-initiated (user starts of ) or IdP-initiated (user starts from within your Identity Provider) login workflows.
While some organizations still use SAML 1.1, ClickTime only supports SAML 2.0 for our partner and customer SAML Single Sign-On implementations. This allows you to access many applications under your network’s umbrella using one username and password. Security Assertion Markup Language (SAML) is a standard that allows authentication credentials to be shared by multiple applications within a network. Logging into ClickTime using Custom SAML Single Sign-On Identity Partner Configuration - Azure AD, Okta, OneLogin Identity Partner Configuration - Google Apps Custom: Create your own custom authentication option for any other providers that support SAML 2.0Ĭlick the following links to learn more about each option:.SAML Identity Partners: Azure AD, Okta, OneLogin.With SSO, a ClickTime user could, for example, sign in to the application by just using their Google Apps email address.ĬlickTime currently offers the following single sign-on (SSO) options: Single Sign-On (SSO) gives ClickTime users the convenience of not needing to maintain a separate email/password combination in order to start their session.