Skip to main content

How to Configure SSO Settings in UpKeep

Learn how to configure SSO settings in UpKeep, including user types, profile updates, native login, and reauthentication options

Updated this week

Available On: Enterprise

Once you have set up SAML authentication for Single Sign-On (SSO) in UpKeep, you can configure additional settings to customize user access and authentication behavior. These settings allow you to manage user types, profile syncing, login methods, and session durations for enhanced security and flexibility,

What is Single Sign-On (SSO)?

Single Sign-On (SSO) is a login functionality that allows team members to access their work systems using one secure company-provided login account, such as Google Workspace or Microsoft Azure credentials. With SSO, there’s no need to remember individual passwords for various platforms, which makes it both convenient and secure.

Benefits of SSO

Here are the primary advantages of implementing SSO for organizations:

  • Simplified Login Process: Employees only need to remember one password, reducing complexity and saving time during login. This is especially useful for companies managing multiple tools or software platforms.

  • Enhanced Security: By requiring secure company-managed credentials, SSO minimizes the risks associated with weak, reused, or forgotten passwords.

  • Increased Productivity: Less time spent on login issues translates to more time focused on work.

  • Scalability and Integration: SSO can streamline access regardless of the organization’s size or setup, making it suitable for businesses of all scales and industries.

This includes supporting identity providers such as Azure Active Directory (Azure AD), which enhances integration and role management capabilities.

How Does SSO Work?

Here’s an overview of how Single Sign-On operates:

  1. A user attempts to access a platform that supports SSO.

  2. The platform redirects the user to a central identity provider (e.g., Google or Microsoft) for authentication.

  3. The user logs into the provider with their usual credentials.

  4. Once authenticated, the identity provider grants access across different connected tools without requiring the user to log in again.

This seamless process ensures that users enjoy a smooth and secure experience without the constant hassle of entering credentials.

How to Find Your Single Sign-On Settings

To access your SSO settings in UpKeep:

  1. Go to Settings

  2. Select Authentication

  3. Click Configure on the Authentication tab

  4. Your SSO settings will be located at the bottom of the page

Single Sign On Settings

When troubleshooting SSO issues in UpKeep, there are several key steps to consider. Understanding how to verify your SSO provider configuration, resolve Company ID issues, and test your SSO setup can ensure a smooth and secure login process.

If using the UpKeep mobile app, ensure that your SSO credentials and company identifier are correctly entered as outlined in the mobile app setup instructions.

Specific configurations such as integrating with Azure AD can streamline your login process and align with organizational requirements.

Default User Type

This setting determines the type of user that will be created when they log in via SSO. You can either specify a default user type here or pass it in the SAML attributes as accountType

Supported values:

  • ADMIN – Full administrative access.

  • TECH – Technician-level access.

  • VIEW_ONLY – Read-only access.

  • REQUESTER – Limited access for submitting requests.

  • A "Limited Admin" role is not supported via SSO. You can use existing roles such as ADMIN or TECH to achieve similar access control.

Update Profile Each Time a User Logs In

When enabled, UpKeep will sync available user profile fields from your identity provider (IdP) every time a user logs in. This ensures that user details stay updated with your organization's identity management system.

Enable Native Login

Enabling this setting allows users to log in using either SSO or their UpKeep username and password. If disabled, users must authenticate exclusively through SSO.

Force User to Reauthenticate

When enabled, users will be automatically logged out after a specified duration, requiring them to reauthenticate via SSO. This enhances security by ensuring periodic revalidation of user sessions.

Logging in with Single Sign On (SSO)

Once Single Sign-On (SSO) is configured, you can log in using your company’s authentication provider.

  1. On the Main Login Screen select Continue with SSO

  2. Enter your email

    • You can also use your CompanyID

      • Learn how to create a direct URL to your CompanyID here

  3. You will be directed to your Authenticator

    • Follow your authenticators steps to get logged in

Troubleshooting SSO Issues in UpKeep Asset Operations

Quick Troubleshooting Tips

  • Ensure you have the correct company identifier and credentials provided by your administrator.

  • Double-check for typos in your company identifier on both web and mobile platforms.

  • Have your administrator verify the SSO provider configuration if you encounter persistent errors.

Single Sign-On (SSO) is a crucial feature to streamline authentication in UpKeep Asset Operations. Troubleshooting SSO issues effectively can ensure a smooth login experience for your team.

Logging in with Single Sign On (SSO)

When

  1. On the Main Login Screen select Continue with SSO

  2. Enter your email

    • You can also use your CompanyID

      • Learn how to create a direct URL to your CompanyID here

  3. You will be directed to your Authenticator

    • Follow your authenticators steps to get logged in

Related Articles
How to set up Single Sign On (SSO) - Okta
How to set up Single Sign On with ADFS
Verifying SSO using Azure SSO for UpKeep
How To Create a Direct Link For SSO Authentication
UpKeep Studio FAQs
Did this answer your question?