Setting Up Login Rules and Single Sign-On (SSO)
Making accessing your SaaSquatch referral and loyalty programs even easier by setting up SSO or Google OAuth. We support SSO integration for most major Identity Providers, including Okta, Azure, SAML and OneLogin.
SaaSquatch offers three sign-in methods: email and password, Google OAuth and SSO.
By default, team members sign in with an email address and password. Full access team members can update these settings to allow signing in with Google OAuth or SSO. They may also create login rules to enforce a specific sign-in method, e.g., requiring all team members to use SSO after it’s been set up.
To start signing in with Google OAuth or SSO, you'll need to tell us which domain you want to use and then verify that you own it. This helps us identify that the person logging into SaaSquatch is a part of your organization and eligible to use Google OAuth or SSO. There are a few steps you'll need to take in the SaaSquatch Admin Portal to finalize the process.
Before you begin: You will need assistance from the person who manages your domain in order to verify domain ownership. Ownership verification is required before you can set up login rules or SSO.
🔗 1. Add the domain and verify ownership
Before you can set up login rules or SSO, you’ll need to verify that your organization owns the domain. If you’ve already verified ownership for the domain you want to use, then continue to Set login rules for the domain.
- Sign in to the Admin Portal as a full access team member.
- Go to the Organization Settings page by clicking on your company's initials to the left of the tenant selection dropdown list.
- Add the domain.
- Click the Add Domain button in the Domains section.
- Enter the domain name. Both root and subdomains are accepted.
- Click Next. YOu don't need to select a domain configuration if you will only use this domain for login settings or SSO.
- Verify that you own the domain.
- Expand the ownership verification section.
- Update your DNS settings with the information you see on screen.
- Return to this page 48 hours after updating your DNS settings and click Check Status to confirm that setup is complete.
- Note: This step is required before you can start to use your domain. If setup still isn't complete after 48 hours, then reach out to our Support team for help with troubleshooting.
- Click Finish.
The domain that you added will appear on the Organization Settings page. Now you can update your login settings to use this domain for sign-in.
🔗 2. Update the login settings
Login settings let you choose the sign-in method available for team members signing in from this domain. Once you’ve picked a sign-in method, you can only change it if no one on your team is still using the old method.
- Return to the Organization Settings page.
- Expand the Login Settings tab for the domain you want to use.
- Select the login rules you want to enforce.
- Note: If you want to enforce SSO, then make sure you have set it up first.
- Click Save.
🔗 3. Set up SSO (optional)
This step requires technical setup, and you may require developer assistance.
Important: Changing or removing an existing SSO connection may lock team members out of the Admin Portal. Please contact our Support team first—we’ll help you make sure all your team members keep their Admin Portal access.
- Expand the Login Settings tab for the domain you want to use.
- Click Configure SSO Settings.
- Continue on to:
- Create a SAML application
- Upload identity provider metadata
- Confirm your SSO setup
Your team members can now use SSO to sign in to SaaSquatch. Make sure to update the login settings to restrict other sign-in methods if needed.
🔗 Supported SSO identity providers
We support SSO integration for many major identity providers, including:
Okta | Azure |
SAML | |
OneLogin | ADFS |
JumpCloud | PingFederate |
OpenID | Auth0 |
CyberArk | Shibboleth |
VMware | Duo |