Single Sign-On (SSO)
Configure SAML-based Single Sign-On for your organization
Single Sign-On (SSO) allows your team to log in to OppLogix using your organization's identity provider. This simplifies access management and strengthens security by centralizing authentication.
Supported Identity Providers
OppLogix supports SAML 2.0-based SSO with the following identity providers:
1
Okta
2
Azure AD (Microsoft Entra ID)
3
Google Workspace
4
OneLogin
5
Any other SAML 2.0 compliant identity provider
Configure SSO
Set up the connection between OppLogix and your identity provider.
1
Navigate to Settings in the sidebar, then select the SSO tab
2
Copy the ACS URL and SP Entity ID provided by OppLogix -- you will need these when configuring your identity provider
3
In your identity provider, create a new SAML application using the ACS URL and SP Entity ID
4
From your identity provider, obtain the Entity ID, SSO URL, and X.509 Certificate
5
Enter those three values into the SSO settings in OppLogix
6
Click Save to enable SSO
SSO Enforcement Mode
Choose how SSO interacts with password-based login:
1
Optional -- Users can log in with either SSO or their OppLogix password. This is recommended during initial SSO rollout
2
Enforced -- SSO is the only login method. Password login is disabled for all users. Use this after confirming SSO works for your team
Auto-Provisioning
When enabled, new users are automatically created in OppLogix on their first SSO login, provided your organization has available seats. The user's name and email are pulled from the SAML assertion.
Before enforcing SSO, verify that at least one admin user can successfully log in via SSO. If SSO is misconfigured and enforced, all users (including admins) will be locked out. Contact support if this occurs.
Start with SSO in Optional mode and have a few users test the SSO login flow. Once confirmed working, switch to Enforced mode to require SSO for all users.