Single Sign-on (SSO) is an authentication process that allows a user to access multiple applications with one set of sign-in credentials. SSO is a common procedure in enterprises, making it easier for them to manage a centralized list of their users. This practice makes it easy for them to restrict access to users from all connected applications by simply disabling their accounts once in the central database.
This feature is available in Web Testing and Conversion Optimization Enterprise plans. Customers who have an Enterprise plan and use authentication providers such as Google, Azure cloud, OneLogin, Okta, and Auth0 (or any other SAML 2.0 based identity provider) can now authenticate their employees on VWO using SSO.
Advantages of Using SSO
- Eliminates credential reauthentication and helpdesk requests, thus improving productivity.
- Streamlines local and remote applications and desktop workflow.
- Minimizes phishing.
Enabling SSO in your VWO Account
Once you have created a VWO account, you can enable SSO for it. This is a one-time task.
To raise the SSO request from the app, users must have access level as Admin or Owner.
- Sign in to your VWO account.
- Go to Settings > Account > Security.
- Scroll down to the Single Sign-On section and click Raise a Request.
In the request, you are required to share the following with the VWO team:
a. Identity Provider URL
b. Entity ID
c. A certificate that can be found in the settings section of your identity provider
Signing in to Your VWO Account Using SSO
Once you have enabled SSO for your VWO account, you can sign in by using the SSO option.
NOTE: After enabling SSO, the email and password fields are disabled and you can no longer sign in to your VWO account by manually entering the values in the email and password field.
- Go to the sign-in page, and click Sign in using SSO.
You’ll be redirected to the SSO page.
- In the Email address field, provide your email address.
You will be redirected to your identity provider to authenticate, or if you are already authenticated, you’ll be signed in to your VWO account.
NOTE: To allow users to sign in using SSO, you should add users to your VWO account. To know about how to add users, refer to Adding Users and Sub-Accounts in your VWO Account.
Single Sign-on FAQs
- How should I configure SSO?
Users with the Admin or Owner access level can raise a request to the VWO support team from the Security tab. You will then be contacted by the VWO support team when you can provide all the details required for enabling SSO. After you have provided all the required information, our support team will verify the SSO integration. After the verification is done, we will enable SSO for your account. Our support team will be in touch with you throughout the process.
- What would happen to the current session when a single sign-on is enabled/disabled for an account? Will the users be signed out of their accounts?
Users won’t be signed out.
- If an admin/owner enables SSO, will users still be allowed to sign in by using an email password?
No, all the users will have to use Sign in Using the SSO option. They cannot use a password to sign in.
- If SSO is disabled, how will the users access the account? Can they start using their old email address and password?
Yes, users can use their existing email address and password to access their account. The users who haven’t set their password even once can use Forgot Password link to set their password, after this they can use the email address and the new password to sign in to their account.
- Will the users be allowed to change the password after SSO is enabled?
No, users cannot change the password after SSO is enabled for them, as they will not need passwords to sign in to VWO.
- What would I do if my identity provider goes down?
Raise a support ticket with VWO, and VWO will disable SSO for you. All users in your account can generate a password by using the link in the email sent to them or clicking the Forgot Password link and use it to sign in to VWO.
- Can I enable SSO only for a few users in my account?
No, it is not possible to have both SSO and non-SSO users. After SSO is enabled for your account, all users need to sign in through SSO.
- My company has enabled SSO, but I cannot sign in using SSO from my email id?
We recommend that you check if your email is added as a user in the VWO account. If you are able to confirm that and still unable to sign in, contact firstname.lastname@example.org.
- My company uses a custom Single sign-on solution. Is VWO compatible with that?
VWO is compatible with any SAML 2.0-based authentication solution. Just reach out to VWO support at email@example.com, and they will help you configure it.
- What are the entry and logout URLs for VWO?
Entry URL: https://app.vwo.com/login/ssocallback
Logout URL: https://app.vwo.com/sso/logout