Customer trust and data security is a top priority at Qualified. We strive to help protect your business from vulnerabilities while also increasing productivity for your teams. That’s why we offer SSO (single sign-on) through multiple Identity Providers (IdP)—including Okta, Azure, and OneLogin. Qualified’s enterprise SSO helps your team access Qualified through a single entry point and gives IT complete control.
Single sign-on (SSO) is a way of authentication that allows a user to log in with a single ID and password to any of several related, yet independent, software platforms.
With Qualified Enterprise SSO, you get:
- Increased security with streamlined identity management for your employees
- Centrally controlled access to Qualified to simplify workflows for IT teams
- Effortless access to Qualified through a single point of entry—no more forgotten passwords
In this article, we’ll go over how to configure SSO for your Qualified account.
Getting Started
To get started, you’ll need to set up a connection (or connector) for Qualified with your IdP (Identity Provider). Currently Qualified works with the following IdP’s but contact us to find out how we might work with yours if it’s not listed below:
- Azure AD
- Active Directory Federation Services
- Okta
- OneLogin
Enable SSO in Qualified
Once you’ve configured your identity provider (IdP), a Qualified administrator in your account can enable SSO using the steps below. Contact our technical support team or your Qualified Success Architect if you don't see these settings.
- Login to Qualified and navigate to Settings > Single Sign-On
- Follow the steps outlined on the SSO page:
- Select your Identity Provider. Don’t see your's? Contact our team.
- Install Qualified within your IdP. See specific instructions for OneLogin, Okta, and Azure AD.
- If using Active Directory Federation Services, please contact our team.
- Copy the Qualified Company ID provided on this page and paste it into your Identity Provider when prompted.
- Enter the Metadata URL given to you by your Identity Provider into Qualified (see the red box below).
- Press the “Verify Configuration” button provided on the page.
- Finally, click "Enable single sign-on for this team." This will fire off an email to all existing Qualified users (shown below).
Once your SSO is verified, you will see this screen appear to confirm that your configuration is correct.
.png)
Once SSO is Enabled
As soon as you’ve set up SSO, your Qualified admin will need to add any new users to the Qualified Application tile within the IdP as well as create the user via Qualified. (We do not do Just-In-Time or JIT user creation at this time).
If your admin assigns the Qualified tile to someone before inviting that person and they click on the SSO tile, they will see an error when trying to log in.
If people are logged into their Qualified account at the time SSO is enabled, they will remain signed in. As soon as they log out, they’ll be then asked to use their SSO going forward. They’ll also receive the email below, prompting them to link the two accounts. If they do not click the link within 72 hours, they'll no longer have access to Qualified.
Disconnecting SSO
If you'd like to disconnect your organization's SSO, you can do so at any time. Press the "Disable SSO for this team" button on the same setup page as above. This will disconnect your teammates, and then they will receive an email asking them to create a new password. Moving forward, they will log in using their email address and new password.
.png)
Summary
Implementing SSO adds an extra level of security and increases your users' productivity. Connect Qualified to your preferred IdP, log in to Qualified to enable your account, and begin inviting team members to the Qualified application tile within your IdP.
.svg)
