Editing
Set up single sign on
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
```mediawiki '''Navigation:''' [[Main_Page]] > [[Settings]] > [[Security]] > Set up single sign-on == Set up single sign-on for your ActiveCampaign account == === Introduction === Single sign-on (SSO) is a vital feature for organizations looking to enhance their user experience and security. With SSO, users can access multiple applications, including ActiveCampaign, using a single set of credentials provided by an identity provider (IdP). This eliminates the need to manage multiple usernames and passwords, thus streamlining the login process. In the context of ActiveCampaign, setting up SSO allows admins to integrate with various SAML (Security Assertion Markup Language) compliant identity providers such as Okta or Microsoft Entra ID (Azure AD). This feature is particularly crucial for businesses utilizing a corporate network that requires secure and efficient access to applications. With this feature, organizations gain tighter control over user authentication, and improve compliance with corporate security policies. The ability to enforce SSO can reduce potential vulnerabilities associated with using separate login credentials for each service. === How to Access This Feature === To set up SSO in ActiveCampaign, you must have admin privileges within your account. Follow these steps to access the SSO settings: # Log into your ActiveCampaign account as an Admin user. # Navigate to the '''Settings''' by clicking on the gear icon. # Select the '''Security''' option from the menu. # Find the '''Single Sign-On''' option to begin the setup process. === Step-by-Step Instructions === Setting up SSO involves several specific steps depending on the identity provider you choose. Below are general instructions for connecting your ActiveCampaign account to a SAML-based identity provider: ==== General Instructions for SAML-Based Identity Provider ==== 1. Log in to your identity provider’s account and create a new application. 2. In a new tab, log into your ActiveCampaign account as Admin. 3. Click on '''Settings''' (gear icon) > '''Security'''. 4. Locate the '''Single Sign-On''' toggle and set it to '''On'''. 5. Choose your desired '''Sign In Method''' from the dropdown options: - **Hybrid Login**: Allows users to use SSO or Email and Password. - **Enforce Single Sign-on**: Requires users to log in using SSO only. 6. Enter the name of the identity provider in the '''Name of Secure Login Provider''' field. 7. Copy the '''Sign-on URL''' and paste it into your identity provider's settings where required. 8. Copy the '''Audience URI (SP Entity ID)''' and paste it into your identity provider's settings. 9. Locate the SAML metadata in your identity provider's settings. Copy and paste this metadata into the '''SAML metadata''' field in ActiveCampaign. 10. Click the '''Save''' button to complete the setup. === Configuration Options and Settings === When configuring SSO, there are several settings to be aware of: * **Sign In Method**: Choose between Hybrid login or Enforce Single Sign-on based on your organization's preferences. * **Name of Secure Login Provider**: Specify a defining title for your IdP. * **Sign-on URL**: The URL provided by your identity provider for SSO to function correctly. * **Audience URI (SP Entity ID)**: This serves as a key identifier for your ActiveCampaign account in the SSO integration. * **SAML Metadata**: Including the SAML metadata allows your identity provider to communicate seamlessly with ActiveCampaign. === Best Practices and Tips === - Always test your SSO setup before logging out of ActiveCampaign. This ensures that your settings are correctly configured and reduces the risk of being locked out of your account. - Instruct your users on how to access ActiveCampaign via the identity provider to minimize confusion. - Consider enforcing re-authentication for each login to increase security when using an identity provider. - Regularly review your SSO configuration and user assignments to ensure compliance and security are maintained. === Common Use Cases with Examples === 1. **Corporate Environments**: A business using Microsoft Entra ID can simplify logins for all employees by configuring SSO, allowing them to access ActiveCampaign after logging in via their corporate credentials. 2. **Security-Focused Organizations**: Firms that value data security could implement two-factor authentication alongside SSO to further enhance user protection. 3. **Educational Institutions**: Schools using a centralized IdP can streamline access for students and faculty, ensuring seamless entry into learning management systems and ActiveCampaign for marketing communications. === Troubleshooting Section === In case of issues during the SSO setup or login: - Check that all required fields are filled out correctly, especially the **Sign-on URL** and **Audience URI**. - Verify that the metadata from the identity provider has been pasted accurately into ActiveCampaign. - Ensure all users are assigned correctly within your identity provider's application configurations. - If users experience login issues, have them check their credentials and attempt using a different browser or incognito mode. === Related Features === - [[Automations]]: Streamline user engagement following successful logins. - [[User Management]]: Organize contact groups and permissions for users authenticated through SSO. - [[Security Settings]]: Maintain overall account security measures alongside SSO. === FAQ === '''Q1: What happens if I forget to test the SSO settings after configuration?''' A1: Not testing your SSO settings can result in users being locked out of their accounts if configurations are incorrect. '''Q2: Can I still use passwords with SSO?''' A2: Yes, if you choose the **Hybrid Login** method, users can utilize both SSO and traditional login methods. '''Q3: What identity providers are supported for SSO?''' A3: ActiveCampaign supports various SAML providers including Okta, Auth0, Microsoft Entra ID (Azure AD), and OneLogin. '''Q4: Will activating SSO affect my two-factor authentication?''' A4: No, activating SSO will not interfere with two-factor authentication settings already in place. '''Q5: How do I troubleshoot an SSO login error?''' A5: Ensure that the configuration settings are correct and that all users have the appropriate permissions assigned within the identity provider’s application. '''Q6: Can I revert to regular logins after setting up SSO?''' A6: Yes, by changing the '''Sign In Method''' back to traditional email and passwords in your ActiveCampaign settings. '''Q7: Are there any material requirements for setting up SSO?''' A7: Yes, a SAML-compliant identity provider is necessary for SSO functionality to work with your ActiveCampaign account. By following this comprehensive guide, administrators can efficiently set up and manage single sign-on authentication for ActiveCampaign, thus enhancing both security and user experience. ```
Summary:
Please note that all contributions to Activepedia may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Activepedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
Namespaces
Page
Discussion
English
Views
Read
Edit
Edit source
View history
More
Search
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Tools
What links here
Related changes
Special pages
Page information