Enterprise Single Sign On (SSO)

  • Updated
Follow

OffSec platform supports Single Sign On (SSO) for our enterprise clients.


In this article, you will find detailed information and best practices for setting up and using SSO with your team.

How can my organization enable single sign-on?

OffSec’s SSO solution currently supports a limited number of protocols.

To learn if SSO is available for you, please contact your Enterprise Customer Success support (ECS) or you can submit a request and our team will provide you with further information and instructions.

How to sign in with SSO with organization domain?

If your organization has enabled SSO:

1.On the Sign In page, click “Continue with Single Sign-on"

2. Add in your company’s domain then click “Continue” and complete the sign in process.

Note: If SSO is not enabled for your organization, you will see the error message “There is no single sign-on configured for this account”.

Once completed and you have connected your company’s domain, you should be able to log-in using SSO and you will not be prompted to sign in or sign up. You can directly sign in using your Company domain and you’re good to go!

Can I still use my existing OffSec credentials to login?

Absolutely! Even if SSO is enabled for your organization, you may use your OffSec Learning Platform username or email and password to sign into your account. 

If you’re new to the platform and don’t yet have an account, please refer to the section I don’t have an existing account in the OffSec Platform, can I still use the SSO feature to sign in?

As an individual learner with an existing account, can I use SSO to sign in?

Yes, as an individual customer with no Organization or Admin role tied to your accounts, you can sign in to the OffSec Platform using your Social Media Sign-In (using Google). 

How can I unbind the email address in my account? 

Step 1: Log in to your Platform account.

Step 2: Click on your “Username” which is located at the top right corner. 

Step 3: Select “Security” from the drop-down and you will see this screen with  “Change Password” and “Manage Third Party Access”.

Step 4: From here, there will be a section on the page that shows “Manage Third Party Access”. You may click “Remove” if you wish to unbind your Platform account with the email address or Google account you used to sign in. 

Step 5: To completely remove the binding of your gmail account, you have to go to your Gmail account’s settings  -> Data and Privacy -> Third-party apps & services. From there you can successfully unbind your gmail address to your OffSec Platform account.  

I don’t have an existing account in the OffSec Platform, can I still use the SSO feature to sign up?

As long as you receive an invitation from your Admin and the company domain has been set up for SSO, you will be able to sign up via SSO. 

Here is a quick step-by-step guide on how to access SSO from an invite:

  1. Admin will send an invitation to your email address with an invitation link 
  2. Click on “Accept Invitation”
  3. As long as the invitation was sent from an organization that has SSO setup, the link should redirect the you to the Sign up with SSO screen.
  4. Double check your company’s domain which is already pre-populated from the invitation and click “Sign Up” 
    1. If you already have an account, please follow the steps above.
  5. After clicking on “Sign up” you will be redirected to the Identity Provider. You may proceed to log in or you can click on “Continue with Google” (which is only valid if your Identity provider is Google) if you are already signed in.
  6. You will then be redirected to “Complete your Profile” page, please populate the form. Your First Name and Last Name will be pre-populated from your Identity Provider if your identity provider has the information.
  7. Once you have successfully completed your profile, you will see “Personal Data Success” pop up and the system will let you select your Communication Preferences. You may select whichever you prefer.
  8. After choosing your communication preferences, you will now be redirected to the OffSec Platform with the “Accept Invitation” option. Please accept the invite to have access to the product. 

You’re all set! The next time you log in, please use the “Single Sign-On” option to log-in to your account.

I have an existing account but I have been invited by my Admin with SSO already set up, can I log-in using SSO? 

If you already have an account with OffSec and your Admin invited your account (the domain has been set up for SSO) please see below:

  1. Once you have accepted the invitation, you will be redirected to Identity Provider
  2. If the email does not exist - the system prompts that we haven't identified the user in our system. If you already have an account, you can log into your existing one and our system would link them.

  1. Once you’re in the Platform, accept the invitation
  2. The next time you log in, you can use the “Continue with Single Sign-On”
  3. Enter your Company’s domain and you are good to go!

I did not receive an invitation from my Admin, can I still sign in using my company’s domain even without an existing account? 

Yes! If your company domain has SSO set up, you can absolutely sign up without an invite or an existing account. 

What you need to do:

  1. Click on “Continue with Single Sign-On”

  1. You will be redirected to the “Sign in with Single Sign-on” page. Please click on the “Sign up with Single Sign-On” to proceed.

  1. You will see the Identity provider page. Click on the “Continue with Google” if you have signed in your account in Google.

  1. You will then be redirected to the “Sign In” page, since you do not have an existing account you will see a notification that your email address is not recognize by our system. To proceed, please click “Sign up with Single Sign-On”

  1. You will be prompted to enter your company’s domain.   

  1. After which, you will be redirected to Complete your profile. Please fill out the form and click “Save”.

You’re good to go! The next time you log in, please sign in using “Continue with SSO”.

Related articles

Powered by Zendesk