Monsido

Q: Does Monsido provide Single Sign-on (SSO)?

A. Monsido supports SAML 2.0 and Shibboleth Single Sign-on Systems.

Single sign-on systems save your employees time and help you avoid the potential fallout that can result from lost or forgotten passwords, as well as reduce the risk of password phishing for your company.

Contact the Monsido <a href="mailto:support@monsido.com" rel="nofollow noopener noreferrer" target="_blank">Support team</a> with the request. Provide:

- An IdP metadada URL address or .xml file
 Note: It is not always possible to retrieve your IdP metadata without first knowing the SP metadata. If this is the case, complete the rest of step 1 and then proceed to step 2.
- Email address for login (also let us know if the address is Name-ID or an attribute)
- Additional recommendation: If possible, include first and last name in the attributes.

- SP metadata URL
- ACS URL
- Login URL
- Logout URl
- Entity ID.
   

When everything has been tested, Monsido can enable enforced single page sign-on.

Test the single page sign-on in the Monsido App.

- Requirements: The person that tests the sign-on must have a Monsido account.
   
- When the test is OK, Monsido sets up the email domains to enable single page sign-on. This will now work every time you enter Monsido. 
   
- Monsido can also enforce the single page sign-on by disabling the password sign-on fallback. This means that if the single sign-on does not work, a password option is provided. Monsido does not use Auto provision, so when you attempt to log on with single sign-on you need to have a user registered in the Monsido App. This is because the normal login process includes counter-checking the user email that is used against existing emails that are on the user list in Monsido.

1. Contact the Monsido <a href="mailto:support@monsido.com" rel="nofollow noopener noreferrer" target="_blank">Support team</a> with the request. Provide:
 - An IdP metadada URL address or .xml file
 Note: It is not always possible to retrieve your IdP metadata without first knowing the SP metadata. If this is the case, complete the rest of step 1 and then proceed to step 2.
 - Email address for login (also let us know if the address is Name-ID or an attribute)
 - Additional recommendation: If possible, include first and last name in the attributes.
 
2. Monsido then provides:
 - SP metadata URL
 - ACS URL
 - Login URL
 - Logout URl
 - Entity ID.
 
3. When everything has been tested, Monsido can enable enforced single page sign-on.
 
4. Test the single page sign-on in the Monsido App.
 
 - Requirements: The person that tests the sign-on must have a Monsido account.
 
 - When the test is OK, Monsido sets up the email domains to enable single page sign-on. This will now work every time you enter Monsido. 
 
 - Monsido can also enforce the single page sign-on by disabling the password sign-on fallback. This means that if the single sign-on does not work, a password option is provided. Monsido does not use Auto provision, so when you attempt to log on with single sign-on you need to have a user registered in the Monsido App. This is because the normal login process includes counter-checking the user email that is used against existing emails that are on the user list in Monsido.

For further assistance, <a href="mailto:support@monsido.com" rel="nofollow noopener noreferrer" target="_blank">contact our Support team</a> or contact our live help anytime via the Monsido chat and help features inside the application.