🔒 Overview

SpyCloud supports Single Sign-On (SSO) through your preferred Identity Provider (Id), letting users securely log in with existing credentials.

We support Okta, Entra ID (Azure AD), ADFS, and any custom SAML or OIDC provider. SpyCloud’s console, access to user, organization, and license settings is controlled through two built-in roles you can assign to each member of your security team:

🕒 Setup time: ~10 minutes
👤 Required role: Administrator

👇CONFIGURE SSO

---

🧰 Before You Begin

⚠️

Important:
If you already have 2FA enabled, it will be disabled once SSO is connected.
Your IdP will take over authentication settings, including 2FA, SMS, and password policies.

---

🚀 Step-by-Step Setup

1. Log in to your Console as an administrator.
2. Navigate to Configuration → Settings → Security Settings.
3. Click Connect Single Sign-On.
4. Follow the guided pop-up to complete setup.

👇SECURITY SETTINGS

---

🧩 Choose Your Identity Provider

---

🔗 Configure in Your IdP

1. Add SpyCloud as a new application in your IdP.
2. Copy the configuration values shown in SpyCloud:
   • Redirect URLs
   • Client IDs
   • Etc
3. Paste these values into your IdP SSO setup form to establish the connection.

💡 Tip: SpyCloud’s SSO workflow is powered by Auth0.
Refer to Auth0 documentation for advanced installation and configuration options.

---

📨 (Optional) Verify Your Domains

You can add and verify domains to streamline user login. For example, users with @example.com will be automatically redirected to your IdP’s login page.

---

✅ Test & Finalize

• Click Test Connection to validate setup.
• Once successful, select Enable SSO to activate.

🧠

After Setup:

• IdP manages all authentication (2FA, password policies).
• Users will sign in via SSO on next login.
• Admins can update IdP or domains anytime under Configuration → Settings → Security Settings.