Your users can now use the Single Sing-On (SSO) feature to log into Grow. Grow supports Google, Microsoft, and Epicor as SSO options.
Here are a few things to remember for SSO logging in:
- Users must first be invited to Grow. This can be done manually or via CSV upload.
- After users are invited to Grow, they can use an SSO login option, as long as the user's SSO email matches the email where the Grow invite was sent, otherwise Grow will not recognize the user.
- Users are then free to sign into Grow via email or SSO.
Auto provisioning refers to a process of automatically creating and updating user accounts and permissions in an application using the authentication data provided by the identity provider: IdP.
Auto provisioning with SSO is not currently supported. When users leave the company, they need to be manually removed from Grow. Though the User's SSO authentication will stop working, their email authentication will continue to work until they are removed from Grow.
Here is an image of the Grow SSO login:
Setting Authentication Options to Login
Your administrators can set various authentication options for your users to sign in into their accounts. You can revoke these authentication options any time you want. This provides better data and application security for your Grow account.
Note that only administrators can modify the authentication options for signing in.
Here are the steps to set authentication options for your users.
- Select the Settings gear icon at the top right.
- Select Company Info in the left panel.
- Scroll down to Authentication Options section.
- Choose the authentication options that you want to display in the Login page. You should choose at least one option for the users to sign in.
- Select Save after making the changes for them to reflect in Grow.
For WhiteLabel, you can find the Authentication Options section in Settings > Branded Settings.