Updates to Haiilo's SSO flow! We have rebuilt our SSO flow to meet technical requirements, which means you have to reconfigure your configuration for your SSO to continue to work. Learn more in Establishing a new SSO configuration with Haiilo's updated SSO flow.
SAML-just-in-time Single Sign-on (SSO) allows users to access Haiilo through your company's identity provider (IdP). SAML ensures that only authorized employees can join the company's Haiilo platform, adding an extra security layer. To accompany SSO, you can use SCIM user provisioning to automatically add, update, and remove users.
With SSO enabled, your users have to log in to the platform with their company credentials by selecting Login with Single Sign On on your company's login page. Only users who have been assigned to the application in your identity provider will be able to access the platform.
Set up Single Sign On
To configure SSO, you need to complete steps in both your identity provider and Haiilo. We provide guides tailored to specific IdPs to help you. If your organization uses any of the listed identity providers, please use the corresponding article to set up SSO:
If your company uses none of the above identity providers, please refer to our general guide Setting up SSO on any other IdP.
Important: SSO Pre-Configuration Steps. If you are planning to use Single Sign-On (SSO) and allow users to self-select their own groups during onboarding, you must configure the "Can users self-register" and "Email domains" settings in Invitations & Registrations for each group before activating SSO. These settings remain active and govern which groups users can self-select during the onboarding process, even with SSO enabled. They are not in effect when provisioning users and groups using SCIM.