Available On: Business Plus
Once you have set up SAML authentication for Single Sign-On (SSO) in UpKeep, you can configure additional settings to customize user access and authentication behavior. These settings allow you to manage user types, profile syncing, login methods, and session durations for enhanced security and flexibility,
How to Find Your Single Sign-On Settings
To access your SSO settings in UpKeep:
Go to Settings
Select Authentication
Click Configure on the Authentication tab
Your SSO settings will be located at the bottom of the page
Single Sign On Settings
Default User Type
This setting determines the type of user that will be created when they log in via SSO. You can either specify a default user type here or pass it in the SAML attributes as accountType
Supported values:
ADMIN β Full administrative access.
TECH β Technician-level access.
VIEW_ONLY β Read-only access.
REQUESTER β Limited access for submitting requests.
Update Profile Each Time a User Logs In
When enabled, UpKeep will sync available user profile fields from your identity provider (IdP) every time a user logs in. This ensures that user details stay updated with your organization's identity management system.
Enable Native Login
Enabling this setting allows users to log in using either SSO or their UpKeep username and password. If disabled, users must authenticate exclusively through SSO.
Force User to Reauthenticate
When enabled, users will be automatically logged out after a specified duration, requiring them to reauthenticate via SSO. This enhances security by ensuring periodic revalidation of user sessions.
